CVE-2024-43498

Опубликовано: 29 янв. 2025

Источник: msrc

CVSS3: 9.8

EPSS Низкий

Описание

.NET and Visual Studio Remote Code Execution Vulnerability

FAQ

How could an attacker exploit this vulnerability?

A remote unauthenticated attacker could exploit this vulnerability by sending specially crafted requests to a vulnerable .NET webapp or by loading a specially crafted file into a vulnerable desktop app.

Обновления

Продукт	Статья	Обновление
Microsoft Visual Studio 2022 version 17.6	Release Notes	Security Update
Microsoft Visual Studio 2022 version 17.8	Release Notes	Security Update
Microsoft Visual Studio 2022 version 17.10	Release Notes	Security Update
Microsoft Visual Studio 2022 version 17.11	Release Notes	Security Update
.NET 9.0 installed on Linux	Release Notes	Security Update
.NET 9.0 installed on Mac OS	Release Notes	Security Update
.NET 9.0 installed on Windows	Release Notes	Security Update
PowerShell 7.5 installed on Windows		Security Update
PowerShell 7.5 installed on Linux		Security Update
PowerShell 7.5 installed on MacOS		Security Update

Показывать по

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 80%

0.01428

Низкий

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2024-43498

CVSS3: 9.8

ubuntu

9 месяцев назад

.NET and Visual Studio Remote Code Execution Vulnerability

CVE-2024-43498

CVSS3: 8.8

redhat

9 месяцев назад

.NET and Visual Studio Remote Code Execution Vulnerability

CVE-2024-43498

CVSS3: 9.8

nvd

9 месяцев назад

.NET and Visual Studio Remote Code Execution Vulnerability

GHSA-v7vf-f5q6-m899

CVSS3: 9.8

github

9 месяцев назад

.NET Remote Code Execution Vulnerability

BDU:2024-11130

CVSS3: 9.8

fstec

9 месяцев назад

Уязвимость средства разработки программного обеспечения Microsoft Visual Studio и программной платформы Microsoft.NET, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 80%

0.01428

Низкий

9.8 Critical

CVSS3