Lucene search

Kaspersky LabKLA20235

HistoryFeb 14, 2023 - 12:00 a.m.

KLA20235 Multiple vulnerabilities in Microsoft Developer Tools

2023-02-1400:00:00

Kaspersky Lab

threats.kaspersky.com

microsoft developer tools

sql server integration service

visual studio

azure devops server

.net framework

github

.net

integer overflow

malware

exploit

microsoft .net framework

microsoft sql server

microsoft visual studio

microsoft azure

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

0.014 Low

EPSS

Percentile

86.6%

JSON

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service.

Below is a complete list of vulnerabilities:

A remote code execution vulnerability in Microsoft SQL Server Integration Service (VS extension) can be exploited remotely to execute arbitrary code.
A remote code execution vulnerability in Visual Studio can be exploited remotely to execute arbitrary code.
A remote code execution vulnerability in Azure DevOps Server can be exploited remotely to execute arbitrary code.
An elevation of privilege vulnerability in Visual Studio can be exploited remotely to gain privileges.
A denial of service vulnerability in .NET Framework can be exploited remotely to cause denial of service.
A denial of service vulnerability in Visual Studio can be exploited remotely to cause denial of service.
A remote code execution vulnerability in GitHub can be exploited remotely to execute arbitrary code.
A remote code execution vulnerability in .NET and Visual Studio can be exploited remotely to execute arbitrary code.
Integer overflow vulnerability can be exploited to execute arbitrary code.

Original advisories

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-.NET-Framework

Microsoft-SQL-Server

Microsoft-Visual-Studio

Microsoft-Azure

CVE list

CVE-2022-23521 critical

CVE-2023-21568 high

CVE-2023-21815 critical

CVE-2023-21553 critical

CVE-2023-21566 critical

CVE-2023-21722 warning

CVE-2023-23381 critical

CVE-2023-21567 high

CVE-2023-21808 critical

CVE-2023-41953 unknown

KB list

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected Products

Microsoft .NET Framework 4.6.2Microsoft .NET Framework 3.5 AND 4.8Microsoft .NET Framework 3.5Microsoft Visual Studio 2022 version 17.4Microsoft .NET Framework 3.5.1Microsoft .NET Framework 3.5 AND 4.7.2Microsoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2Microsoft .NET Framework 4.8Microsoft .NET Framework 3.0 Service Pack 2Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)Microsoft .NET Framework 3.5 AND 4.8.1Azure DevOps Server 2020.1.2Microsoft Visual Studio 2022 version 17.0Microsoft .NET Framework 3.5 and 4.6.2Microsoft Visual Studio 2022 version 17.2SQL Server Integration Services for Visual Studio 2019SQL Server Integration Services for Visual Studio 2022.NET 7.0.NET 6.0PowerShell 7.2