CVE-2025-52882: WebSocket authentication bypass in Claude Code extensions
ATT&CK techniques detected
T1190 Exploit Public-Facing Application (90%)
"sends MCP-formatted commands through the established connection. The attack is particularly insidious because: - it requires no user interaction beyond visiting a website. - modern browsers display no security warnings for localhost WebSocket connections. - the attack can be e…"
T1195.001 Compromise Software Dependencies and Development Tools (44%)
"but in a true attack, a malicious actor could read /etc/passwd or AWS credential files, for example. Patch analysis: while Anthropic does not make the patch code available easily, you can download the npm packages to reverse-engineer the patch. Deobfuscation and deminificatio…"
T1190 Exploit Public-Facing Application (31%)
"initiated connections from malicious websites. - Dynamic port assignment: the use of dynamic ports provided minimal security through obscurity because port ranges could be systematically attacked with brute force. The MCP server architecture was designed to enable seamless integ…"
Summary
A critical vulnerability in older versions of the Claude Code for Visual Studio Code (VS Code) and other IDE extensions allowed malicious websites to connect to unauthenticated local WebSocket servers, potentially enabling remote command execution.