8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.2 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.022 Low
EPSS
Percentile
89.3%
08/09/2022
High
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code.
Microsoft Visual Studio 2022 version 17.2
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)
Microsoft Visual Studio 2012 Update 5
Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)
Microsoft Visual Studio 2013 Update 5
.NET 6.0
.NET Core 3.1
Microsoft Visual Studio 2015 Update 3
Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)
Microsoft Visual Studio 2022 version 17.0
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2022-34716
CVE-2022-35826
CVE-2022-35777
CVE-2022-35827
CVE-2022-35825
ACE
CVE-2022-347165.9High
CVE-2022-358268.8Critical
CVE-2022-357778.8Critical
CVE-2022-358278.8Critical
CVE-2022-358258.8Critical
5016316
5016315
5016987
5016990
5016314
support.microsoft.com/kb/5016314
support.microsoft.com/kb/5016315
support.microsoft.com/kb/5016316
support.microsoft.com/kb/5016987
support.microsoft.com/kb/5016990
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34716
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35777
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35825
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35826
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35827
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34716
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35777
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35825
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35826
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35827
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Visual-Studio/
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.2 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.022 Low
EPSS
Percentile
89.3%