CVE-2025-55345 is a high-severity vulnerability classified under CWE-61, which pertains to UNIX Symbolic Link (Symlink) Following. This vulnerability affects the Codex CLI tool when it is used in workspace-write mode within a malicious context such as a compromised repository or directory. The core issue arises because the tool follows symbolic links that point outside the intended current working directory. This behavior can be exploited by an attacker who controls or can influence the workspace content to create malicious symlinks. When Codex CLI processes these symlinks, it may overwrite arbitrary files on the filesystem outside the allowed directory boundaries. This arbitrary file overwrite can lead to remote code execution (RCE) if critical system or application files are replaced or modified. The vulnerability has a CVSS v3.1 base score of 8.8, indicating a high level of severity. The attack vector is network-based (AV:N), requires no privileges (PR:N), but does require user interaction (UI:R), such as running the tool in a malicious workspace. The scope is unchanged (S:U), and the impact on confidentiality, integrity, and availability is high (C:H/I:H/A:H). No known exploits are currently reported in the wild, and no patches have been linked yet. The vulnerability was published on August 13, 2025, and assigned by JFROG. The fundamental risk is that by following symlinks outside the intended directory, Codex CLI unintentionally allows attackers to manipulate files beyond the workspace, potentially compromising the host system or environment where it runs.

For European organizations, the impact of CVE-2025-55345 can be significant, especially for those relying on Codex CLI in their development, CI/CD pipelines, or automation workflows. Arbitrary file overwrite can lead to the corruption or replacement of critical configuration files, binaries, or scripts, resulting in system compromise or persistent backdoors. Remote code execution enables attackers to execute arbitrary commands with the privileges of the user running Codex CLI, potentially leading to full system takeover, data breaches, or lateral movement within networks. Organizations in sectors with high reliance on software development tools—such as finance, telecommunications, manufacturing, and government—are at elevated risk. The requirement for user interaction means that developers or automated systems must run Codex CLI in a malicious context, which could occur through compromised repositories or insider threats. The high impact on confidentiality, integrity, and availability means that sensitive data could be exposed or altered, critical services disrupted, and trust in software supply chains undermined. Additionally, the lack of patches increases the urgency for mitigation. The vulnerability could also affect cloud environments and containerized workflows if Codex CLI is used there, broadening the attack surface.

1. Avoid running Codex CLI in workspace-write mode on untrusted or unverified repositories or directories. 2. Implement strict validation and sanitization of workspace contents before executing Codex CLI, including scanning for suspicious or unexpected symbolic links. 3. Use filesystem permissions and access controls to limit the ability of Codex CLI processes to write outside designated directories, such as running the tool inside sandboxed or containerized environments with restricted filesystem access. 4. Monitor and audit file system changes during Codex CLI operations to detect unauthorized file overwrites. 5. Employ runtime security tools that can detect and block attempts to follow symlinks outside allowed paths or prevent unauthorized file modifications. 6. Stay updated with vendor advisories for patches or updates addressing this vulnerability and apply them promptly once available. 7. Educate developers and DevOps teams about the risks of symlink attacks and safe usage practices for Codex CLI. 8. Consider implementing integrity verification for critical files that could be targeted by this vulnerability to detect tampering early.