7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.4 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.2%
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges.
Below is a complete list of vulnerabilities:
Microsoft-Diagnostics-Hub-Standard-Collector-Runtime
CVE-2022-21911 critical
CVE-2022-21871 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Microsoft Visual Studio 2019
Microsoft Visual Studio 2017
support.microsoft.com/kb/5008876
support.microsoft.com/kb/5008877
support.microsoft.com/kb/5008879
support.microsoft.com/kb/5008880
support.microsoft.com/kb/5008882
support.microsoft.com/kb/5009546
support.microsoft.com/kb/5009585
support.microsoft.com/kb/5009711
support.microsoft.com/kb/5009712
support.microsoft.com/kb/5009713
support.microsoft.com/kb/5009714
support.microsoft.com/kb/5009718
support.microsoft.com/kb/5009719
support.microsoft.com/kb/5009720
support.microsoft.com/kb/5009721
support.microsoft.com/kb/5009722
support.microsoft.com/kb/5011164
nvd.nist.gov/vuln/detail/CVE-2022-21871
nvd.nist.gov/vuln/detail/CVE-2022-21911
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-.NET-Framework/
threats.kaspersky.com/en/product/Microsoft-Diagnostics-Hub-Standard-Collector-Runtime/
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.4 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.2%