8.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
9.3 High
AI Score
Confidence
High
0.009 Low
EPSS
Percentile
82.5%
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code.
Below is a complete list of vulnerabilities:
Public exploits exist for this vulnerability.
CVE-2022-41076 critical
CVE-2022-44704 critical
CVE-2022-41089 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
support.microsoft.com/kb/5020868
support.microsoft.com/kb/5020873
support.microsoft.com/kb/5020880
support.microsoft.com/kb/5021079
support.microsoft.com/kb/5021080
support.microsoft.com/kb/5021081
support.microsoft.com/kb/5021082
support.microsoft.com/kb/5021085
support.microsoft.com/kb/5021086
support.microsoft.com/kb/5021087
support.microsoft.com/kb/5021088
support.microsoft.com/kb/5021089
support.microsoft.com/kb/5021090
support.microsoft.com/kb/5021091
support.microsoft.com/kb/5021092
support.microsoft.com/kb/5021093
support.microsoft.com/kb/5021094
support.microsoft.com/kb/5021095
support.microsoft.com/kb/5021243
support.microsoft.com/kb/5021953
support.microsoft.com/kb/5021954
support.microsoft.com/kb/5021955
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41076
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41089
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44704
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-.NET-Framework/
threats.kaspersky.com/en/product/Microsoft-Visual-Studio/
threats.kaspersky.com/en/product/Microsoft-Windows/
8.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
9.3 High
AI Score
Confidence
High
0.009 Low
EPSS
Percentile
82.5%