
CVE-2025-56803: n/a

Severity: High
Published: Wed Sep 03 2025 (09/03/2025, 00:00:00 UTC)
Source: CVE Database V5

Description

Figma Desktop for Windows version 125.6.5 contains a command injection vulnerability in the local plugin loader. An attacker can execute arbitrary OS commands by setting a crafted build field in the plugin's manifest.json. This field is passed to child_process.exec without validation, leading to possible RCE.

AI-Powered Analysis

Last updated: 09/03/2025, 17:47:55 UTC

Technical Analysis

CVE-2025-56803 is a command injection vulnerability in Figma Desktop for Windows version 125.6.5, located in the local plugin loader component that processes plugin manifests. An attacker can craft a malicious plugin manifest.json whose 'build' field contains a specially constructed value. The loader passes this field directly to the Node.js child_process.exec function without any input validation or sanitization. Because child_process.exec runs its argument through the operating system shell, shell metacharacters embedded in the field are interpreted as part of the command, which allows an attacker to execute arbitrary OS commands remotely. The result is a Remote Code Execution (RCE) vulnerability that lets an attacker run any command with the privileges of the user running the Figma Desktop application. The vulnerability is particularly dangerous because it abuses a trusted plugin loading mechanism that users may not suspect as an attack vector. Although no exploits have been reported in the wild yet, the ease of exploitation through a crafted plugin manifest poses a significant risk. The vulnerability affects the Windows version of Figma Desktop, which is widely used by designers and teams for collaborative design work. No patch or mitigation had been officially published at the time of this report, and no CVSS score has been assigned yet.

Potential Impact

For European organizations, this vulnerability could have severe consequences. Many enterprises and creative agencies rely on Figma Desktop for collaborative design workflows, often handling sensitive intellectual property and proprietary design assets. An attacker exploiting this vulnerability could execute arbitrary commands on the victim's machine, potentially leading to data theft, installation of malware, lateral movement within corporate networks, or disruption of design operations. Because Figma Desktop runs with user-level privileges, the attacker could access any files and network resources available to that user, compromising confidentiality and integrity. If the compromised machine is part of a larger corporate environment, the attacker could use this foothold to escalate privileges or move laterally to more critical systems. Since the only user interaction required is opening or loading a malicious plugin manifest, the risk of exploitation is higher, especially in environments where plugins are shared or imported from untrusted sources. The vulnerability could also affect supply chain security if malicious plugins are distributed through third-party channels. The absence of a patch and the potential for remote code execution make this a high-risk threat for European organizations using Figma Desktop on Windows.

Mitigation Recommendations

To mitigate this vulnerability, organizations should immediately restrict the use of third-party or untrusted plugins within Figma Desktop, and administrators should enforce policies that allow only plugins from verified and trusted sources. Until an official patch is released, users should avoid loading or installing new plugins, especially those obtained from external or unverified repositories. Network-level controls can monitor and block suspicious outbound connections originating from Figma Desktop processes. Endpoint detection and response (EDR) solutions should be configured to alert when the Figma Desktop process spawns a command interpreter (on Windows, child_process.exec runs its command through cmd.exe) or any other unexpected child process. Organizations should also educate users about the risks of loading untrusted plugins and encourage reporting of suspicious plugin behavior. Monitoring file system changes and process execution logs related to Figma Desktop can help detect exploitation attempts. Once a patch is available, prompt deployment is critical. Additionally, sandboxing or running Figma Desktop in a restricted environment with limited privileges can reduce the impact of a successful exploit.
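The process-spawn check recommended above, as an added example that is not part of the advisory: it runs over constructed process-creation records in the style of Sysmon Event ID 1 (the Figma install path and command lines are made up for the example).

```javascript
// Added example (not from the advisory): flag process-creation events in which
// Figma Desktop spawns a command interpreter, which is how child_process.exec
// appears at the OS level (Node runs it as "cmd.exe /d /s /c ..." on Windows).
const SHELLS = new Set(['cmd.exe', 'powershell.exe', 'pwsh.exe', 'wscript.exe', 'cscript.exe']);

// Constructed Sysmon-style records; the install path is hypothetical.
const EVENTS = [
  { ParentImage: 'C:\\Users\\u\\AppData\\Local\\Figma\\app-125.6.5\\Figma.exe',
    Image: 'C:\\Windows\\System32\\cmd.exe',
    CommandLine: 'cmd.exe /d /s /c "npm run build"' },
  { ParentImage: 'C:\\Users\\u\\AppData\\Local\\Figma\\app-125.6.5\\Figma.exe',
    Image: 'C:\\Windows\\System32\\conhost.exe',
    CommandLine: 'conhost.exe 0x4' },
  { ParentImage: 'C:\\Windows\\explorer.exe',
    Image: 'C:\\Windows\\System32\\cmd.exe',
    CommandLine: 'cmd.exe' },
];

// Last path component, lower-cased, so casing and drive letters do not matter.
function basename(p) {
  return p.split(/[\\/]/).pop().toLowerCase();
}

// A shell whose parent is Figma.exe is the signal; conhost and other
// non-interpreter children of Figma are ignored to keep noise down.
function isFigmaShellSpawn(ev) {
  return basename(ev.ParentImage) === 'figma.exe' && SHELLS.has(basename(ev.Image));
}

function findSuspicious(events) {
  return events.filter(isFigmaShellSpawn).map((ev) => ({
    parent: basename(ev.ParentImage), child: basename(ev.Image), cmd: ev.CommandLine,
  }));
}

module.exports = { EVENTS, basename, isFigmaShellSpawn, findSuspicious };
```

A legitimate plugin build will also trip this rule, so treat a hit as a trigger for reviewing the command line and the plugin's origin rather than as proof of compromise.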


Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2025-08-17T00:00:00.000Z
CVSS Version: null
State: PUBLISHED

Threat ID: 68b87bc1ad5a09ad00f8da3d

Added to database: 9/3/2025, 5:32:49 PM

Last enriched: 9/3/2025, 5:47:55 PM

Last updated: 9/4/2025, 6:00:27 PM

