CVE-2025-24998

🗓️ 11 Mar 2025 16:59:04Reported by microsoftType

Uncontrolled search path element in Visual Studio allows local privilege escalation by attackers.

Reporter	Title	Published	Views	Family All 15
Circl	CVE-2025-24998	11 Mar 202516:39	–	circl
CNNVD	Microsoft Visual Studio 代码问题漏洞	11 Mar 202500:00	–	cnnvd
Cvelist	CVE-2025-24998 Visual Studio Elevation of Privilege Vulnerability	11 Mar 202516:59	–	cvelist
EUVD	EUVD-2025-6346	3 Oct 202520:07	–	euvd
Kaspersky	KLA81542 Multiple vulnerabilities in Microsoft Developer Tools	11 Mar 202500:00	–	kaspersky
Microsoft CVE	Visual Studio Elevation of Privilege Vulnerability	11 Mar 202507:00	–	mscve
NCSC	Vulnerabilities fixed in Microsoft Developer Tools	11 Mar 202518:44	–	ncsc
NVD	CVE-2025-24998	11 Mar 202517:16	–	nvd
OSV	CVE-2025-24998	11 Mar 202517:16	–	osv
Rapid7 Blog	Patch Tuesday - March 2025	11 Mar 202520:16	–	rapid7blog

NVD

Vulners

CNA

Node

microsoft visual_studio_2017Range15.0–15.9.71

microsoft visual_studio_2019Range16.0–16.11.45

microsoft visual_studio_2022Range17.8.0–17.8.19

microsoft visual_studio_2022Range17.10.0–17.10.12

microsoft visual_studio_2022Range17.12.0–17.12.6

microsoft visual_studio_2022Range17.13.0–17.13.3

[
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
    "versions": [
      {
        "version": "15.9.0",
        "lessThan": "15.9.71",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)",
    "versions": [
      {
        "version": "16.11.0",
        "lessThan": "16.11.45",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.10",
    "versions": [
      {
        "version": "17.10.0",
        "lessThan": "17.10.12",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.12",
    "versions": [
      {
        "version": "17.12.0",
        "lessThan": "17.12.6",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.13",
    "versions": [
      {
        "version": "17.13.0",
        "lessThan": "17.13.3",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.8",
    "versions": [
      {
        "version": "17.8.0",
        "lessThan": "17.8.19",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24998

13 Feb 2026 19:38Current

7.2High risk

Vulners AI Score7.2

CVSS 3.17.3

EPSS0.00326

SSVC

CWE-427