9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.1 High
AI Score
Confidence
High
0.058 Low
EPSS
Percentile
93.4%
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, spoof user interface, obtain sensitive information, gain privileges.
Below is a complete list of vulnerabilities:
CVE-2019-0627 warning
CVE-2019-0631 warning
CVE-2019-0632 warning
CVE-2019-0741 warning
CVE-2019-0743 warning
CVE-2019-0613 critical
CVE-2019-0742 warning
CVE-2019-0728 critical
CVE-2019-0657 warning
CVE-2019-0729 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
support.microsoft.com/kb/4483450
support.microsoft.com/kb/4483452
support.microsoft.com/kb/4486996
support.microsoft.com/kb/4487017
support.microsoft.com/kb/4487018
support.microsoft.com/kb/4487020
support.microsoft.com/kb/4487026
support.microsoft.com/kb/4487078
support.microsoft.com/kb/4487079
support.microsoft.com/kb/4487081
support.microsoft.com/kb/4487121
support.microsoft.com/kb/4487122
support.microsoft.com/kb/4487123
support.microsoft.com/kb/4487124
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0613
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0627
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0631
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0632
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0657
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0728
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0729
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0741
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0742
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0743
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-.NET-Framework/
threats.kaspersky.com/en/product/Microsoft-Azure/
threats.kaspersky.com/en/product/Microsoft-Visual-Studio/
threats.kaspersky.com/en/product/Microsoft-Windows-10/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
threats.kaspersky.com/en/product/Team-Foundation-Server/
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.1 High
AI Score
Confidence
High
0.058 Low
EPSS
Percentile
93.4%