CVE-2023-36042 Visual Studio Denial of Service Vulnerability

🗓️ 14 Nov 2023 17:57:31Reported by microsoftType

Reporter	Title	Published	Views	Family All 28
BDU FSTEC	The vulnerability of the Microsoft Visual Studio software, related to uncontrolled resource consumption, allows a hacker to trigger a service failure.	29 Nov 202300:00	–	bdu_fstec
CNNVD	Microsoft Visual Studio 安全漏洞	14 Nov 202300:00	–	cnnvd
CNVD	Microsoft Visual Studio Denial of Service Vulnerability	16 Nov 202300:00	–	cnvd
CVE	CVE-2023-36042	14 Nov 202317:57	–	cve
EUVD	EUVD-2023-40026	3 Oct 202520:07	–	euvd
Microsoft KB	January 9, 2024-KB5033917 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system, version 23H2	22 Mar 202407:00	–	mskb
Microsoft KB	January 9, 2024-KB5033920 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2 and Windows 11, version 23H2	22 Mar 202407:00	–	mskb
Microsoft KB	January 9, 2024-KB5034272 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Azure Stack HCI, version 22H2	22 Mar 202407:00	–	mskb
Microsoft KB	January 9, 2024-KB5034273 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10, version 1809 and Windows Server 2019	22 Mar 202407:00	–	mskb
Microsoft KB	January 9, 2024-KB5034274 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2	22 Mar 202407:00	–	mskb

[
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.6",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "17.6.0",
        "lessThan": "17.6.10",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.7",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "17.7.0",
        "lessThan": "17.7.7",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 3.5 AND 4.8.1",
    "platforms": [
      "Windows Server 2022",
      "Windows Server 2022 (Server Core installation)",
      "Windows 11 version 21H2 for x64-based Systems",
      "Windows 11 version 21H2 for ARM64-based Systems",
      "Windows 10 Version 21H2 for 32-bit Systems",
      "Windows 10 Version 21H2 for ARM64-based Systems",
      "Windows 10 Version 21H2 for x64-based Systems",
      "Windows 11 Version 22H2 for ARM64-based Systems",
      "Windows 11 Version 22H2 for x64-based Systems",
      "Windows 10 Version 22H2 for x64-based Systems",
      "Windows 10 Version 22H2 for ARM64-based Systems",
      "Windows 10 Version 22H2 for 32-bit Systems",
      "Windows 11 Version 23H2 for ARM64-based Systems",
      "Windows 11 Version 23H2 for x64-based Systems",
      "Windows Server 2022, 23H2 Edition (Server Core installation)"
    ],
    "versions": [
      {
        "version": "4.8.1",
        "lessThan": "4.8.09214.01",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36042

08 Oct 2025 23:59Current

8High risk

Vulners AI Score8

CVSS 3.16.2

EPSS0.00787

CWE-122