CVE-2024-20656 Visual Studio Elevation of Privilege Vulnerability

🗓️ 09 Jan 2024 17:57:01Reported by microsoftType

Visual Studio Elevation of Privilege Vulnerability, CVE-2024-20656

Reporter	Title	Published	Views	Family All 19
GithubExploit	Exploit for Link Following in Microsoft	12 Jan 202415:08	–	githubexploit
Information Security Automation	November 2023 – January 2024: New Vulristics Features, 3 Months of Microsoft Patch Tuesdays and Linux Patch Wednesdays, Year 2023 in Review	1 Feb 202417:07	–	avleonov
BDU FSTEC	The vulnerability of the Microsoft Visual Studio software development tool lies in the insecure management of privileges, which allows a malicious actor to escalate their privileges.	17 Jan 202400:00	–	bdu_fstec
Circl	CVE-2024-20656	9 Jan 202419:26	–	circl
CNNVD	Microsoft Visual Studio 安全漏洞	9 Jan 202400:00	–	cnnvd
CNVD	Microsoft Visual Studio Elevation of Privilege Vulnerability (CNVD-2024-11163)	12 Jan 202400:00	–	cnvd
CVE	CVE-2024-20656	9 Jan 202417:57	–	cve
Microsoft KB	Description of the security update for Visual Studio 2015 Update 3: January 9, 2024 (KB5030979)	9 Jan 202408:00	–	mskb
Kaspersky	KLA62822 Multiple vulnerabilities in Microsoft Developer Tools	9 Jan 202400:00	–	kaspersky
Microsoft CVE	Visual Studio Elevation of Privilege Vulnerability	9 Jan 202408:00	–	mscve

[
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "15.9.0",
        "lessThan": "15.9.59",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.2",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "17.2.0",
        "lessThan": "17.2.23",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "16.11.0",
        "lessThan": "16.11.33",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.4",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "17.4.0",
        "lessThan": "17.4.15",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.6",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "17.6.0",
        "lessThan": "17.6.11",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2015 Update 3",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "14.0.0",
        "lessThan": "14.0.27560.00",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20656

03 May 2025 01:46Current

8.4High risk

Vulners AI Score8.4

CVSS 3.17.8

EPSS0.54325

CWE-59