CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
84.0%
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, bypass security restrictions, obtain sensitive information, spoof user interface.
Below is a complete list of vulnerabilities:
Public exploits exist for this vulnerability.
CVE-2023-25815 warning
CVE-2023-29007 critical
CVE-2023-25652 critical
CVE-2023-29012 critical
CVE-2023-29011 critical
CVE-2023-33139 high
CVE-2023-24936 critical
CVE-2023-27909 critical
CVE-2023-32030 critical
CVE-2023-32032 high
CVE-2023-24895 critical
CVE-2023-24897 critical
CVE-2023-33126 high
CVE-2023-21565 high
CVE-2023-29326 critical
CVE-2023-33144 high
CVE-2023-33135 high
CVE-2023-27910 critical
CVE-2023-29337 high
CVE-2023-33141 critical
CVE-2023-29353 high
CVE-2023-29331 critical
CVE-2023-27911 critical
CVE-2023-33128 high
CVE-2023-21569 high
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
support.microsoft.com/kb/5025792
support.microsoft.com/kb/5026454
support.microsoft.com/kb/5026455
support.microsoft.com/kb/5026610
support.microsoft.com/kb/5027119
support.microsoft.com/kb/5027123
support.microsoft.com/kb/5027219
support.microsoft.com/kb/5027230
support.microsoft.com/kb/5027531
support.microsoft.com/kb/5027532
support.microsoft.com/kb/5027533
support.microsoft.com/kb/5027534
support.microsoft.com/kb/5027536
support.microsoft.com/kb/5027537
support.microsoft.com/kb/5027538
support.microsoft.com/kb/5027539
support.microsoft.com/kb/5027540
support.microsoft.com/kb/5027541
support.microsoft.com/kb/5027542
support.microsoft.com/kb/5027543
support.microsoft.com/kb/5027544
support.microsoft.com/kb/5027797
support.microsoft.com/kb/5027798
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21565
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21569
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24895
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24897
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24936
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-25652
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-25815
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-27909
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-27910
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-27911
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29007
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29011
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29012
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29326
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29331
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29337
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29353
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32030
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32032
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33126
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33128
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33135
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33139
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33141
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33144
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-.NET-Framework/
threats.kaspersky.com/en/product/Microsoft-Azure/
threats.kaspersky.com/en/product/Microsoft-Visual-Studio/
threats.kaspersky.com/en/product/Microsoft-Windows/