Wiz Research has uncovered 550+ secrets hiding in plain sight. We worked with Microsoft to shut the door.
Analysis Summary
# Vulnerability: Leakage of Extension Update Tokens in VSCode Extensions
## CVE Details
- CVE ID: N/A (This is a systemic security flaw found across the marketplace, not a single CVE-tracked vulnerability)
- CVSS Score: N/A (Severity is determined by the potential impact of leaked tokens, which is high)
- CWE: CWE-312 (Cleartext Storage of Sensitive Information) and CWE-538 (Insertion of Sensitive Information into Externally-Accessible File or Directory) describe the bundled tokens themselves; the resulting exposure is a software supply chain compromise, since the tokens let an attacker publish a trusted update.
## Affected Systems
- Products: VSCode Extensions distributed via VSCode Marketplace and Open VSX Marketplace.
- Versions: Any published version of an extension whose distributable `.vsix` package contains a bundled credential (token); older versions remain downloadable from the marketplaces, so a later clean release does not by itself remove the exposure.
- Configurations: Any extension where development or build artifacts containing un-sanitized secrets (like Personal Access Tokens/PATs) were packaged into the final public release.
## Vulnerability Description
Wiz Research discovered that hundreds of VSCode extension publishers were inadvertently distributing secrets (over 550 validated secrets across 500+ extensions) within their public `.vsix` packages. A `.vsix` is a ZIP archive that anyone can download from the marketplace and unpack, so anything bundled into it is effectively public. Critically, over one hundred of these leaks involved **Azure DevOps Personal Access Tokens (PATs)** for the VSCode Marketplace or **Open VSX Access Tokens**, the credentials used to publish new versions of an extension. Since VS Code auto-updates extensions by default, an attacker who obtains one of these tokens can push a malicious update that is installed across the entire install base of that extension without any user action. The primary root cause was the bundling of hidden configuration files (e.g., `.env` files) into the public package.
## Exploitation
- Status: **Demonstrated** (Wiz researchers validated the leaked tokens as live and confirmed they carried the permissions needed to publish updates; no exploit code beyond the standard publishing tooling is required).
- Complexity: **Low** (With a valid token, publishing a new version is a routine operation using the same marketplace APIs and CLI tools, such as `vsce publish` or `ovsx publish`, that the legitimate publisher uses).
- Attack Vector: **Network** (The attacker downloads the public `.vsix`, extracts the token, then publishes a malicious version over the marketplace API).
## Impact
- Confidentiality: **High** (Tokens could grant access to source code repositories or internal systems used for publishing).
- Integrity: **Critical** (Attackers could directly inject malware into the user's IDE via malicious extension updates, impacting a cumulative install base of approximately 150,000 users).
- Availability: **Medium** (Attacker could potentially take down or deface popular extensions via corrupted updates).
## Remediation
### Patches
- Because the flaw lies in individual publishers' packaging rather than in VS Code itself, there is no single patch; remediation consists of platform-level improvements by Microsoft and the marketplace operators, plus action by each affected publisher. Publishers who were alerted have been directed to revoke and regenerate their compromised tokens.
- **Action required by publishers:** Revoke the leaked Azure DevOps PATs or Open VSX tokens, issue replacements scoped only to what publishing needs (for Azure DevOps, the `Marketplace (Manage)` scope), and rebuild and republish affected extensions after confirming the package no longer contains the secret. Note that revoking the token does not remove the old `.vsix` from the marketplace, so revocation must happen before or regardless of republishing.
### Workarounds
- **For Users:** Auto-update for extensions can be disabled temporarily, at the cost of also missing legitimate fixes for every other installed extension. Users should prefer extensions with strong trust signals (verified publishers, active repositories) and treat a sudden change in an extension's behaviour or permissions after an update as suspicious.
- **For Publishers:** Review the build and packaging process so that secrets, `.env` files, and local configuration are explicitly excluded from the final `.vsix`. With the official `vsce` tool, exclusions belong in `.vscodeignore`, and `vsce ls` lists exactly which files will be packaged; inspecting that list (or unpacking the built `.vsix`) before every publish catches the mistake before it reaches the marketplace.
## Detection
- **Indicators of Compromise (IoCs):** For publishers, an extension version appearing on the marketplace that does not correspond to a release or CI run they initiated, or publishing activity in the Azure DevOps organization (or Open VSX account) from unfamiliar sources. For users, an extension update that adds network activity, new dependencies, or behaviour unrelated to the extension's stated purpose.
- **Detection Methods and Tools:** Because a `.vsix` is a ZIP archive, its contents can be scanned for bundled secrets before installation or before publishing, using generic secret scanners or a purpose-built check. Marketplace-wide monitoring of published packages for token patterns is possible but noisy. Organizations should also audit their own environment for internal extensions that were inadvertently published publicly.
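The publisher-side package review described under Workarounds and the pre-install `.vsix` scan mentioned under Detection are the same check in practice, because a `.vsix` is a ZIP archive. The following Python script is an added example written for this page, not tooling from Wiz or Microsoft. It unpacks a package in memory, flags files that should never ship (`.env`, `.npmrc`, private keys, `.git/` contents), and looks for token-shaped strings and the environment variable names the official publishing tools read (`VSCE_PAT`, `OVSX_PAT`). The token regexes are heuristics assumed here, not vendor-documented formats: classic Azure DevOps PATs as 52 lowercase base32-style characters, Open VSX tokens as UUIDs. The sample package it builds, including its tokens, is constructed for the demonstration.

```python
"""Offline scanner for secrets bundled into a VS Code .vsix package.

A .vsix is a ZIP archive; the extension's files live under extension/.
Added example for this page, not the researchers' or vendor's tooling.
"""
import io
import json
import re
import zipfile
from dataclasses import dataclass

# Paths that should never appear in a published package.
SUSPICIOUS_PATHS = re.compile(
    r"(^|/)(\.env(\.[^/]*)?|\.npmrc|\.netrc|[^/]*\.pem|id_rsa[^/]*)$|(^|/)\.git/"
)

# Token shapes. Heuristics assumed for this example, not documented formats:
#   azure_devops_pat: classic PATs, 52 lowercase base32-style characters
#   openvsx_token:    Open VSX access tokens, UUID v4
SECRET_PATTERNS = {
    "azure_devops_pat": re.compile(r"\b[a-z2-7]{52}\b"),
    "openvsx_token": re.compile(
        r"\b[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}\b"
    ),
}

# Variable names read by the official publishing tools (vsce and ovsx).
SECRET_KEYS = re.compile(r"\b(VSCE_PAT|OVSX_PAT)\s*[:=]")


@dataclass(frozen=True)
class Finding:
    path: str      # entry inside the .vsix
    kind: str      # suspicious_file | secret_key_name | <pattern name>
    evidence: str  # redacted match or line reference, safe to log


def redact(secret: str) -> str:
    """Keep only the first and last 4 characters so logs never leak the token."""
    return secret[:4] + "*" * max(0, len(secret) - 8) + secret[-4:]


def scan_vsix(data: bytes) -> list[Finding]:
    """Return every suspicious path and token-shaped string in the package."""
    findings: list[Finding] = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = info.filename
            if SUSPICIOUS_PATHS.search(name):
                findings.append(Finding(name, "suspicious_file", "path match"))
            # Binary entries decode to noise; errors="ignore" keeps the scan going.
            text = zf.read(name).decode("utf-8", errors="ignore")
            for lineno, line in enumerate(text.splitlines(), start=1):
                if SECRET_KEYS.search(line):
                    findings.append(Finding(name, "secret_key_name", f"line {lineno}"))
                for kind, pattern in SECRET_PATTERNS.items():
                    for match in pattern.finditer(line):
                        findings.append(Finding(name, kind, redact(match.group(0))))
    return findings


def has_publishing_secret(findings: list[Finding]) -> bool:
    """True when a marketplace publishing token appears to be bundled."""
    return any(f.kind in SECRET_PATTERNS or f.kind == "secret_key_name" for f in findings)


# Constructed sample: a minimal package whose build accidentally included .env.
FAKE_AZDO_PAT = "abcdefghijklmnopqrstuvwxyz" * 2          # 52 chars, not a real token
FAKE_OVSX_TOKEN = "12345678-1234-4123-8123-123456789abc"  # UUID-shaped, not a real token


def build_sample_vsix() -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("extension.vsixmanifest", "<PackageManifest/>")
        zf.writestr("extension/package.json", json.dumps(
            {"name": "sample-ext", "publisher": "example", "version": "1.0.0"}))
        zf.writestr("extension/dist/extension.js",
                    "exports.activate = () => {}; // build 3f2a9c1e0b4d7a6f5e8c9d0a1b2c3d4e5f6a7b8c\n")
        zf.writestr("extension/.env",
                    f"VSCE_PAT={FAKE_AZDO_PAT}\nOVSX_PAT={FAKE_OVSX_TOKEN}\n")
    return buf.getvalue()


if __name__ == "__main__":
    results = scan_vsix(build_sample_vsix())
    for f in results:
        print(f"{f.kind:18} {f.path}  {f.evidence}")
    print("publishing secret bundled:", has_publishing_secret(results))
```

Run it against a real package with `scan_vsix(open("ext.vsix", "rb").read())`; a publisher can run the same check on the output of `vsce package` before publishing, and a user can run it on a downloaded `.vsix` before `code --install-extension`. The 40-character hex string in `extension.js` is there to show that ordinary build hashes do not trip the PAT pattern.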
## References
- Vendor Advisories: Collaboration with Microsoft Security Response Center (MSRC) led to remedial actions.
- Relevant Links:
- Wiz Blog: hXXps://www.wiz.io/blog/dismantling-a-critical-supply-chain-risk-in-vscode-extension-marketplaces