CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
47.7%
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service.
Below is a complete list of vulnerabilities:
CVE-2022-26788 critical
CVE-2022-24513 critical
CVE-2022-24767 critical
CVE-2022-26832 critical
CVE-2022-26921 high
CVE-2022-24765 critical
CVE-2022-26924 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
support.microsoft.com/kb/5012117
support.microsoft.com/kb/5012118
support.microsoft.com/kb/5012120
support.microsoft.com/kb/5012121
support.microsoft.com/kb/5012123
support.microsoft.com/kb/5012324
support.microsoft.com/kb/5012325
support.microsoft.com/kb/5012326
support.microsoft.com/kb/5012327
support.microsoft.com/kb/5012328
support.microsoft.com/kb/5012329
support.microsoft.com/kb/5012330
support.microsoft.com/kb/5012331
support.microsoft.com/kb/5012332
support.microsoft.com/kb/5012596
support.microsoft.com/kb/5016568
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24513
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24765
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24767
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26788
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26832
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26921
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26924
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-.NET-Framework/
threats.kaspersky.com/en/product/Microsoft-Visual-Studio/
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
47.7%