9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.017 Low
EPSS
Percentile
87.6%
09/12/2023
Critical
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service.
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)
Microsoft Visual Studio 2022 version 17.4
Microsoft Visual Studio 2022 version 17.7
.NET 6.0
Microsoft .NET Framework 4.8
Azure DevOps Server 2020.1.2
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5 AND 4.8
Azure DevOps Server 2019.0.1
Microsoft .NET Framework 3.5 AND 4.8.1
Microsoft .NET Framework 2.0 Service Pack 2
Azure DevOps Server 2019.1.2
Visual Studio Code
Microsoft .NET Framework 3.5 AND 4.7.2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 4.6.2
Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)
Microsoft Visual Studio 2022 version 17.6
.NET 7.0
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2
Microsoft Visual Studio 2022 version 17.2
Azure DevOps Server 2020.0.2
Microsoft .NET Framework 3.5.1
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2023-36793
CVE-2023-36796
CVE-2023-36788
CVE-2023-36742
CVE-2023-36792
CVE-2023-39956
CVE-2023-38155
CVE-2023-33136
CVE-2023-36759
CVE-2023-36799
CVE-2023-36794
CVE-2023-36758
ACE
CVE-2023-399566.6High
CVE-2023-367937.8Critical
CVE-2023-367967.8Critical
CVE-2023-367887.8Critical
CVE-2023-367427.8Critical
CVE-2023-367927.8Critical
CVE-2023-381558.1Critical
CVE-2023-331368.8Critical
CVE-2023-367596.7High
CVE-2023-367996.5High
CVE-2023-367947.8Critical
CVE-2023-367589.8Critical
5030184
5030179
5029924
5030180
5030183
5030181
5030185
5030182
5030186
5030178
5030213
5030220
5031217
5029366
5029365
5032875
5032874
support.microsoft.com/kb/5029365
support.microsoft.com/kb/5029366
support.microsoft.com/kb/5029924
support.microsoft.com/kb/5030178
support.microsoft.com/kb/5030179
support.microsoft.com/kb/5030180
support.microsoft.com/kb/5030181
support.microsoft.com/kb/5030182
support.microsoft.com/kb/5030183
support.microsoft.com/kb/5030184
support.microsoft.com/kb/5030185
support.microsoft.com/kb/5030186
support.microsoft.com/kb/5030213
support.microsoft.com/kb/5030220
support.microsoft.com/kb/5031217
support.microsoft.com/kb/5032874
support.microsoft.com/kb/5032875
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33136
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36742
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36758
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36759
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36788
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36792
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36793
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36794
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36796
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36799
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38155
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39956
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33136
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36742
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36758
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36759
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36788
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36792
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36793
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36794
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36796
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36799
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38155
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-39956
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/.NET/
threats.kaspersky.com/en/product/Microsoft-.NET-Framework/
threats.kaspersky.com/en/product/Microsoft-Azure/
threats.kaspersky.com/en/product/Microsoft-Visual-Studio/
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.017 Low
EPSS
Percentile
87.6%