Subj : Google Gemini security flaw could have let anyone access systems
To   : All
From : TechnologyDaily
Date : Tue Jul 29 2025 16:30:07

Google Gemini security flaw could have let anyone access systems or run code

Date: Tue, 29 Jul 2025 15:25:00 +0000

Description: Having an allow-list in Gemini CLI caused a few issues, but Google patched it up.

FULL STORY
======================================================================

- Gemini could automatically run certain commands that were previously placed on an allow-list
- If a benign command was paired with a malicious one, Gemini could execute it without warning
- Version 0.1.14 addresses the flaw, so users should update now

A security flaw in Google's new Gemini CLI tool allowed threat actors to target software developers with malware, even exfiltrating sensitive information from their devices, without them ever knowing.

The vulnerability was discovered by cybersecurity researchers from Tracebit just days after Gemini CLI was first launched on June 25, 2025. Google released a fix with version 0.1.14, which is now available for download.

Hiding the attack in plain sight

Gemini CLI is a tool that lets developers talk to Google's AI (called Gemini) directly from the command line. It can understand code, make suggestions, and even run commands on the user's device.

The problem stems from the fact that Gemini could automatically run certain commands that were previously placed on an allow-list. According to Tracebit, there was a way to sneak hidden, malicious instructions into files that Gemini reads, like README.md. In one test, a seemingly harmless command was paired with a malicious one that exfiltrated sensitive information (such as system variables or credentials) to a third-party server. Because Gemini thought it was just a trusted command, it didn't warn the user or ask for approval.

Tracebit also says the malicious command could be hidden using clever formatting, so users wouldn't even see it happening.
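The allow-list weakness the story describes, as an added illustration written for this repost and not Gemini CLI's code or Tracebit's test case: a naive check that approves a command by its first word, beside a stricter check that parses the command and requires every chained segment to be allow-listed. The allow-list, the command strings and the 203.0.113.5 address are constructed for the demo.

```python
import shlex

# Constructed allow-list for the demo: commands the user approved once and
# the agent may then run without asking again.
ALLOWLIST = {"grep", "ls", "cat"}

# Shell tokens that chain commands; each segment they delimit is checked on its own.
SEPARATORS = {";", "&&", "||", "|", "&"}


def naive_is_allowed(cmd: str, allowlist=ALLOWLIST) -> bool:
    """Weak check: approve when the first word is allow-listed.

    This is the failure mode the article describes: a trusted command paired
    with a second one is waved through because only the prefix is inspected."""
    parts = cmd.split()
    return bool(parts) and parts[0] in allowlist


def strict_is_allowed(cmd: str, allowlist=ALLOWLIST) -> bool:
    """Hardened check: every command in the chain must be allow-listed, and
    anything the tokenizer cannot account for is refused so the user is prompted."""
    # Command substitution and hidden line breaks can smuggle a second command
    # into what looks like an argument, so refuse them outright.
    if any(marker in cmd for marker in ("`", "$(", "${", "\n", "\r")):
        return False
    # punctuation_chars=True makes ; && || | & < > ( ) their own tokens;
    # whitespace_split keeps URLs and paths intact (Python 3.8+ semantics).
    lexer = shlex.shlex(cmd, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    try:
        tokens = list(lexer)
    except ValueError:  # unbalanced quotes: unparseable, so not auto-approved
        return False
    segments, current = [], []
    for tok in tokens:
        if tok in SEPARATORS:
            segments.append(current)
            current = []
        elif tok and tok[0] in lexer.punctuation_chars:
            # Redirection or grouping (>, >>, <, (, )) is not a plain command.
            return False
        else:
            current.append(tok)
    segments.append(current)
    # Every segment must be non-empty and start with an allow-listed program;
    # a trailing separator leaves an empty segment, which is rejected too.
    return all(bool(seg) and seg[0] in allowlist for seg in segments)
```

A quoted argument such as `grep 'a; curl x' file` still passes the strict check, because the separator is inside the argument rather than between commands.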
"The malicious command could be anything (installing a remote shell, deleting files, etc)," the researchers explained.

The attack is not that easy to pull off, though. It requires a little setting up, including having a trusted command on the allow-list, but it could still be used to trick unsuspecting developers into running dangerous code.

Google has now patched the problem, and if you're using Gemini CLI, make sure to update to version 0.1.14 or newer as soon as possible. Also, make sure not to run it on unknown or untrusted code (unless you're in a secure test environment).

Via BleepingComputer

======================================================================
Link to news story: https://www.techradar.com/pro/security/google-gemini-security-flaw-could-have-let-anyone-access-systems-or-run-code

--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)