Advisory #2
TitleMATLAB for Visual Studio Code remote code execution via crafted workspace configuration
CVE IDCVE-2021-28967
VendorXavier Hahn
Affected productMATLAB for Visual Studio Code
Affected versions- 2.0.0
Vulnerability typeCWE-284 (Improper Access Control)
DescriptionMATLAB for Visual Studio Code has a vulnerability that allows a crafted workspace folder to execute arbitrary binaries, which leads remote code execution.
StatusFixed in 2.0.1
RecommendationUpdate to version 2.0.1 or later.