“The vulnerability allowed an unprivileged exterior attacker to pressure their very own malicious content material to load as Gemini configuration,” Novee researcher, Elad Meged, stated in a weblog put up. “This triggered command execution instantly on the host system, bypassing security earlier than the agent’s sandbox even initialized.”
The influence of the flaw was restricted to workflows utilizing Gemini CLI in headless mode, with out an interactive interface.
Whereas a CVE ID has not been assigned to the flaw but, Meged stated Google assessed a severity ranking of 10.0, the utmost on the CVSS scale. The utmost severity ranking seemingly comes from the exploit requiring low complexity, minimal privileges, and little to no consumer interplay.
