7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
55.7%
.NET and Visual Studio Remote Code Execution Vulnerability
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | microsoft_visual_studio_2019_16.11 (includes 16.0 - 16.10) | * | cpe:2.3:a:microsoft:microsoft_visual_studio_2019_16.11 (includes 16.0 - 16.10):*:*:*:*:*:*:*:* |
microsoft | microsoft_visual_studio_2022_17.0 | * | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_17.0:*:*:*:*:*:*:*:* |
microsoft | microsoft_visual_studio_2017_15.9 (includes 15.0 - 15.8) | * | cpe:2.3:a:microsoft:microsoft_visual_studio_2017_15.9 (includes 15.0 - 15.8):*:*:*:*:*:*:*:* |
microsoft | microsoft_visual_studio_2022_17.4 | * | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_17.4:*:*:*:*:*:*:*:* |
microsoft | microsoft_visual_studio_2022_17.2 | * | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_17.2:*:*:*:*:*:*:*:* |
microsoft | visual_studio | * | cpe:2.3:a:microsoft:visual_studio:*:3:*:*:*:*:*:* |
microsoft | visual_studio | * | cpe:2.3:a:microsoft:visual_studio:*:5:*:*:*:*:*:* |
microsoft | .net_7.0 | * | cpe:2.3:a:microsoft:.net_7.0:*:*:*:*:*:*:*:* |
microsoft | .net_6.0 | * | cpe:2.3:a:microsoft:.net_6.0:*:*:*:*:*:*:*:* |
microsoft | powershell_7.2 | * | cpe:2.3:a:microsoft:powershell_7.2:*:*:*:*:*:*:*:* |
[
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "16.11.0",
"lessThan": "16.11.24",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2022 version 17.0",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "17.0.0",
"lessThan": "17.0.19",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "15.9.0",
"lessThan": "15.9.52",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2022 version 17.4",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "17.4.0",
"lessThan": "17.4.5",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2022 version 17.2",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "17.2.0",
"lessThan": "17.2.13",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2015 Update 3",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "14.0.0",
"lessThan": "14.0.27555.0",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2013 Update 5",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "12.0.0",
"lessThan": "12.0.40700.0",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": ".NET 7.0",
"cpes": [
"cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "7.0.0",
"lessThan": "7.0.3",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": ".NET 6.0",
"cpes": [
"cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "6.0.0",
"lessThan": "6.0.14",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "PowerShell 7.2",
"cpes": [
"cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "7.2.0",
"lessThan": "7.2.10",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.5 AND 4.8",
"cpes": [
"cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1809 for 32-bit Systems",
"Windows Server 2022",
"Windows Server 2019 (Server Core installation)",
"Windows 10 Version 20H2 for ARM64-based Systems",
"Windows 10 Version 20H2 for 32-bit Systems",
"Windows 11 version 21H2 for x64-based Systems",
"Windows 10 Version 21H2 for ARM64-based Systems",
"Windows 11 version 21H2 for ARM64-based Systems",
"Windows 10 Version 21H2 for x64-based Systems",
"Windows 10 Version 21H2 for 32-bit Systems",
"Windows Server 2022 (Server Core installation)",
"Windows Server 2019",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 22H2 for x64-based Systems",
"Windows 10 Version 22H2 for ARM64-based Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016",
"Windows Server 2016 (Server Core installation)",
"Windows 10 Version 22H2 for 32-bit Systems"
],
"versions": [
{
"version": "4.8.0",
"lessThan": "10.0.04614.06",
"versionType": "custom",
"status": "affected"
},
{
"version": "4.8.0",
"lessThan": "10.0.4614.06",
"versionType": "custom",
"status": "affected"
},
{
"version": "4.8.0",
"lessThan": "10.0.04614.05",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.5 AND 4.7.2",
"cpes": [
"cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows Server 2019",
"Windows Server 2019 (Server Core installation)",
"Windows Server 2016 (Server Core installation)",
"Windows 10 Version 1607 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows Server 2016"
],
"versions": [
{
"version": "4.7.0",
"lessThan": "10.0.04038.03",
"versionType": "custom",
"status": "affected"
},
{
"version": "4.7.0",
"lessThan": "10.0.14393.5717",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2",
"cpes": [
"cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
"Windows Server 2012 (Server Core installation)",
"Windows Server 2012",
"Windows Server 2012 R2 (Server Core installation)",
"Windows Server 2012 R2",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1"
],
"versions": [
{
"version": "4.7.0",
"lessThan": "4.7.04614.08",
"versionType": "custom",
"status": "affected"
},
{
"version": "4.7.0",
"lessThan": "4.7.04038.05",
"versionType": "custom",
"status": "affected"
},
{
"version": "4.7.0",
"lessThan": "4.7.04038.03",
"versionType": "custom",
"status": "affected"
},
{
"version": "4.7.0",
"lessThan": "4.7.04038.02",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 4.8",
"cpes": [
"cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2012 R2 (Server Core installation)",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1",
"Windows Server 2012 R2",
"Windows Server 2012 (Server Core installation)",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
"Windows Server 2012"
],
"versions": [
{
"version": "4.8.0",
"lessThan": "4.8.04614.05",
"versionType": "custom",
"status": "affected"
},
{
"version": "4.8.0",
"lessThan": "4.8.04614.03",
"versionType": "custom",
"status": "affected"
},
{
"version": "4.8.0",
"lessThan": "4.8.4614.08",
"versionType": "custom",
"status": "affected"
},
{
"version": "4.8.0",
"lessThan": "4.8.4614.07",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.5 AND 4.8.1",
"cpes": [
"cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2022 (Server Core installation)",
"Windows Server 2022",
"Windows 10 Version 20H2 for 32-bit Systems",
"Windows 10 Version 20H2 for ARM64-based Systems",
"Windows 11 version 21H2 for x64-based Systems",
"Windows 10 Version 21H2 for 32-bit Systems",
"Windows 11 version 21H2 for ARM64-based Systems",
"Windows 10 Version 21H2 for ARM64-based Systems",
"Windows 10 Version 21H2 for x64-based Systems",
"Windows 11 Version 22H2 for ARM64-based Systems",
"Windows 11 Version 22H2 for x64-based Systems",
"Windows 10 Version 22H2 for ARM64-based Systems",
"Windows 10 Version 22H2 for 32-bit Systems",
"Windows 10 Version 22H2 for x64-based Systems"
],
"versions": [
{
"version": "4.8.1",
"lessThan": "10.0.09139.02",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 4.6.2",
"cpes": [
"cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2008 for 32-bit Systems Service Pack 2",
"Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)",
"Windows Server 2008 for x64-based Systems Service Pack 2",
"Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)"
],
"versions": [
{
"version": "4.7.0",
"lessThan": "4.7.04038.06",
"versionType": "custom",
"status": "affected"
},
{
"version": "4.7.0",
"lessThan": "4.7.4038.05",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.5 and 4.6.2",
"cpes": [
"cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 for 32-bit Systems",
"Windows 10 for x64-based Systems"
],
"versions": [
{
"version": "4.7.0",
"lessThan": "10.0.10240.19747",
"versionType": "custom",
"status": "affected"
}
]
}
]
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
55.7%