CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
48.7%
.NET Framework Remote Code Execution Vulnerability
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | windows_server_2008 | r2 | cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* |
microsoft | .net_framework | 3.5.1 | cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:* |
microsoft | windows_10_1507 | - | cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:* |
microsoft | windows_10_1507 | - | cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:* |
microsoft | .net_framework | 3.5 | cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:* |
microsoft | .net_framework | 4.6.2 | cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:* |
microsoft | windows_10_1607 | - | cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:* |
microsoft | windows_10_1607 | - | cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:* |
microsoft | windows_10_21h2 | - | cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:arm64:* |
microsoft | windows_10_21h2 | - | cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x64:* |
[
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.5 AND 4.8",
"cpes": [
"cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows Server 2019",
"Windows Server 2019 (Server Core installation)",
"Windows Server 2022",
"Windows Server 2022 (Server Core installation)",
"Windows 11 version 21H2 for x64-based Systems",
"Windows 11 version 21H2 for ARM64-based Systems",
"Windows 10 Version 21H2 for 32-bit Systems",
"Windows 10 Version 21H2 for ARM64-based Systems",
"Windows 10 Version 21H2 for x64-based Systems",
"Windows 10 Version 22H2 for x64-based Systems",
"Windows 10 Version 22H2 for ARM64-based Systems",
"Windows 10 Version 22H2 for 32-bit Systems"
],
"versions": [
{
"version": "4.8.0",
"lessThan": "4.8.4644.0",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.5 AND 4.7.2",
"cpes": [
"cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows Server 2019 (Server Core installation)"
],
"versions": [
{
"version": "4.7.0",
"lessThan": "4.7.4050.0",
"versionType": "custom",
"status": "affected"
},
{
"version": "4.7.0",
"lessThan": "4.8.4644.0",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2",
"cpes": [
"cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016",
"Windows Server 2016 (Server Core installation)"
],
"versions": [
{
"version": "3.0.0.0",
"lessThan": "10.0.14393.5989",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.5 AND 4.8.1",
"cpes": [
"cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2022",
"Windows Server 2022 (Server Core installation)",
"Windows 11 version 21H2 for x64-based Systems",
"Windows 11 version 21H2 for ARM64-based Systems",
"Windows 10 Version 21H2 for 32-bit Systems",
"Windows 10 Version 21H2 for ARM64-based Systems",
"Windows 10 Version 21H2 for x64-based Systems",
"Windows 11 Version 22H2 for ARM64-based Systems",
"Windows 11 Version 22H2 for x64-based Systems",
"Windows 10 Version 22H2 for x64-based Systems",
"Windows 10 Version 22H2 for ARM64-based Systems",
"Windows 10 Version 22H2 for 32-bit Systems"
],
"versions": [
{
"version": "4.8.1",
"lessThan": "4.8.9166.0",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 2.0 Service Pack 2",
"cpes": [
"cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2008 for 32-bit Systems Service Pack 2",
"Windows Server 2008 for x64-based Systems Service Pack 2"
],
"versions": [
{
"version": "2.0.0",
"lessThan": "3.0.6920.8954; 2.0.50727.8970",
"versionType": "custom",
"status": "affected"
},
{
"version": "2.0.0",
"lessThan": "4.7.4050.0",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.0 Service Pack 2",
"cpes": [
"cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2008 for 32-bit Systems Service Pack 2",
"Windows Server 2008 for x64-based Systems Service Pack 2"
],
"versions": [
{
"version": "3.0.0",
"lessThan": "3.0.6920.8954; 2.0.50727.8970",
"versionType": "custom",
"status": "affected"
},
{
"version": "3.0.0",
"lessThan": "4.7.4050.0",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.5",
"cpes": [
"cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2012",
"Windows Server 2012 (Server Core installation)",
"Windows Server 2012 R2",
"Windows Server 2012 R2 (Server Core installation)"
],
"versions": [
{
"version": "3.5.0",
"lessThan": "3.0.6920.8954; 2.0.50727.8970",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.5.1",
"cpes": [
"cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2008 R2 for x64-based Systems Service Pack 1",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)"
],
"versions": [
{
"version": "3.5.0",
"lessThan": "3.0.6920.8954; 2.0.50727.8970",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.5 and 4.6.2",
"cpes": [
"cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 for 32-bit Systems",
"Windows 10 for x64-based Systems"
],
"versions": [
{
"version": "4.7.0",
"lessThan": "10.0.10240.19983",
"versionType": "custom",
"status": "affected"
}
]
}
]
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
48.7%