CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
58.4%
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | microsoft_visual_studio_2022_17.2 | * | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_17.2:*:*:*:*:*:*:*:* |
microsoft | microsoft_visual_studio_2022_17.0 | * | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_17.0:*:*:*:*:*:*:*:* |
microsoft | microsoft_visual_studio_2022_17.4 | * | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_17.4:*:*:*:*:*:*:*:* |
microsoft | .net_6.0 | * | cpe:2.3:a:microsoft:.net_6.0:*:*:*:*:*:*:*:* |
microsoft | .net_7.0 | * | cpe:2.3:a:microsoft:.net_7.0:*:*:*:*:*:*:*:* |
microsoft | microsoft_visual_studio_2022_17.6 | * | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_17.6:*:*:*:*:*:*:*:* |
microsoft | powershell_7.2 | * | cpe:2.3:a:microsoft:powershell_7.2:*:*:*:*:*:*:*:* |
microsoft | powershell_7.3 | * | cpe:2.3:a:microsoft:powershell_7.3:*:*:*:*:*:*:*:* |
microsoft | .net_framework | * | cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:* |
microsoft | .net_framework | * | cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:* |
[
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2022 version 17.2",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "17.2.0",
"lessThan": "17.2.16",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2022 version 17.0",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "17.0.0",
"lessThan": "17.0.22",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2022 version 17.4",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "17.4.0",
"lessThan": "17.4.8",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": ".NET 6.0",
"cpes": [
"cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "6.0.0",
"lessThan": "6.0.18",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": ".NET 7.0",
"cpes": [
"cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "7.0.0",
"lessThan": "7.0.7",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2022 version 17.6",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "17.6.0",
"lessThan": "17.6.3",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "PowerShell 7.2",
"cpes": [
"cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "7.2.0",
"lessThan": "7.2.12",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "PowerShell 7.3",
"cpes": [
"cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "7.3.0",
"lessThan": "7.3.5",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 4.8",
"cpes": [
"cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2016 (Server Core installation)",
"Windows Server 2012 R2 (Server Core installation)",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2012 (Server Core installation)",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
"Windows Server 2012",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1",
"Windows Server 2012 R2",
"Windows Server 2016"
],
"versions": [
{
"version": "4.8.0",
"lessThan": "4.8.4644.0",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.5 AND 4.8",
"cpes": [
"cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows Server 2022 (Server Core installation)",
"Windows Server 2022",
"Windows Server 2019",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019 (Server Core installation)",
"Windows 11 version 21H2 for x64-based Systems",
"Windows 10 Version 22H2 for 32-bit Systems",
"Windows 10 Version 21H2 for 32-bit Systems",
"Windows 10 Version 22H2 for x64-based Systems",
"Windows 10 Version 21H2 for ARM64-based Systems",
"Windows 10 Version 21H2 for x64-based Systems",
"Windows 10 Version 22H2 for ARM64-based Systems",
"Windows 11 version 21H2 for ARM64-based Systems"
],
"versions": [
{
"version": "4.8.0",
"lessThan": "4.8.4644.0",
"versionType": "custom",
"status": "affected"
},
{
"version": "4.8.0",
"lessThan": "4.7.4050.0",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.5 AND 4.7.2",
"cpes": [
"cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1809 for 32-bit Systems",
"Windows Server 2019",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows Server 2019 (Server Core installation)"
],
"versions": [
{
"version": "4.7.0",
"lessThan": "4.7.4050.0",
"versionType": "custom",
"status": "affected"
},
{
"version": "4.7.0",
"lessThan": "4.8.4644.0",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2",
"cpes": [
"cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2016",
"Windows Server 2016 (Server Core installation)",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems"
],
"versions": [
{
"version": "3.0.0.0",
"lessThan": "10.0.14393.5989",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2",
"cpes": [
"cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2012 R2",
"Windows Server 2012",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
"Windows Server 2012 (Server Core installation)",
"Windows Server 2012 R2 (Server Core installation)"
],
"versions": [
{
"version": "4.7.0",
"lessThan": "4.7.04043.0",
"versionType": "custom",
"status": "affected"
},
{
"version": "4.7.0",
"lessThan": "4.7.4050.0",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.5 AND 4.8.1",
"cpes": [
"cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2022 (Server Core installation)",
"Windows Server 2022",
"Windows 10 Version 21H2 for 32-bit Systems",
"Windows 11 version 21H2 for ARM64-based Systems",
"Windows 11 version 21H2 for x64-based Systems",
"Windows 10 Version 22H2 for 32-bit Systems",
"Windows 11 Version 22H2 for ARM64-based Systems",
"Windows 10 Version 21H2 for ARM64-based Systems",
"Windows 10 Version 21H2 for x64-based Systems",
"Windows 10 Version 22H2 for x64-based Systems",
"Windows 11 Version 22H2 for x64-based Systems",
"Windows 10 Version 22H2 for ARM64-based Systems"
],
"versions": [
{
"version": "4.8.1",
"lessThan": "4.8.9166.0",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 4.6.2",
"cpes": [
"cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)",
"Windows Server 2008 for x64-based Systems Service Pack 2",
"Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)",
"Windows Server 2008 for 32-bit Systems Service Pack 2"
],
"versions": [
{
"version": "4.7.0",
"lessThan": "4.7.04043.0",
"versionType": "custom",
"status": "affected"
},
{
"version": "4.7.0",
"lessThan": "4.7.4050.0",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.5 and 4.6.2",
"cpes": [
"cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 for 32-bit Systems",
"Windows 10 for x64-based Systems"
],
"versions": [
{
"version": "4.7.0",
"lessThan": "10.0.10240.19983",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 2.0 Service Pack 2",
"cpes": [
"cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2008 for 32-bit Systems Service Pack 2",
"Windows Server 2008 for x64-based Systems Service Pack 2"
],
"versions": [
{
"version": "2.0.0",
"lessThan": "3.0.6920.8954; 2.0.50727.8970",
"versionType": "custom",
"status": "affected"
},
{
"version": "2.0.0",
"lessThan": "4.7.4050.0",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.0 Service Pack 2",
"cpes": [
"cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2008 for x64-based Systems Service Pack 2",
"Windows Server 2008 for 32-bit Systems Service Pack 2"
],
"versions": [
{
"version": "3.0.0",
"lessThan": "3.0.6920.8954; 2.0.50727.8970",
"versionType": "custom",
"status": "affected"
},
{
"version": "3.0.0",
"lessThan": "4.7.4050.0",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.5.1",
"cpes": [
"cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2008 R2 for x64-based Systems Service Pack 1",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)"
],
"versions": [
{
"version": "3.5.0",
"lessThan": "3.0.6920.8954; 2.0.50727.8970",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.5",
"cpes": [
"cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2012 (Server Core installation)",
"Windows Server 2012",
"Windows Server 2012 R2 (Server Core installation)",
"Windows Server 2012 R2"
],
"versions": [
{
"version": "3.5.0",
"lessThan": "3.0.6920.8954; 2.0.50727.8970",
"versionType": "custom",
"status": "affected"
}
]
}
]
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
58.4%