Описание
.NET and Visual Studio Elevation of Privilege Vulnerability
FAQ
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
An attacker must send the user a malicious file and convince them to open it.
What privileges could be gained by an attacker who successfully exploited the vulnerability?
Low-privilege attackers who successfully exploited the vulnerability could potentially write malicious configurations and download malicious files.
According to the CVSS metric, user interaction is required (UI:R) and privileges required is low (PR:L). What does that mean for this vulnerability?
An authorized attacker must send the user a malicious file and convince the user to open it.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Visual Studio 2022 version 17.0 | ||
| .NET 6.0 | ||
| Microsoft Visual Studio 2022 version 17.2 | ||
| Microsoft Visual Studio 2022 version 17.4 | ||
| .NET 7.0 | ||
| Microsoft Visual Studio 2022 version 17.6 |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
EPSS
7.3 High
CVSS3
Связанные уязвимости
.NET and Visual Studio Elevation of Privilege Vulnerability
.NET and Visual Studio Elevation of Privilege Vulnerability
.NET and Visual Studio Elevation of Privilege Vulnerability
.NET and Visual Studio Elevation of Privilege Vulnerability
Уязвимость средства разработки программного обеспечения Microsoft Visual Studio и программной платформы Microsoft.NET, позволяющая нарушителю повысить свои привилегии
EPSS
7.3 High
CVSS3