CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
61.0%
.NET is vulnerable to Remote Code Execution (RCE). The vulnerability exists in Microsoft.DiaSymReader.Native.amd64.dll
when processing a corrupted PDB
file, potentially leading to remote code execution.
Vendor | Product | Version | CPE |
---|---|---|---|
- | dotnet6-build\ | edge | cpe:2.3:a:-:dotnet6-build\:edge:6.0.112-r0:*:*:*:*:*:*:* |
- | dotnet6-build\ | edge | cpe:2.3:a:-:dotnet6-build\:edge:6.0.116-r0:*:*:*:*:*:*:* |
- | dotnet6-build\ | edge | cpe:2.3:a:-:dotnet6-build\:edge:6.0.107-r0:*:*:*:*:*:*:* |
- | dotnet6-build\ | edge | cpe:2.3:a:-:dotnet6-build\:edge:6.0.109-r0:*:*:*:*:*:*:* |
- | dotnet6-build\ | edge | cpe:2.3:a:-:dotnet6-build\:edge:6.0.114-r0:*:*:*:*:*:*:* |
- | dotnet6-build\ | edge | cpe:2.3:a:-:dotnet6-build\:edge:6.0.110-r1:*:*:*:*:*:*:* |
- | dotnet6-build\ | edge | cpe:2.3:a:-:dotnet6-build\:edge:6.0.116-r1:*:*:*:*:*:*:* |
- | dotnet6-build\ | edge | cpe:2.3:a:-:dotnet6-build\:edge:6.0.110-r0:*:*:*:*:*:*:* |
- | dotnet6-build\ | edge | cpe:2.3:a:-:dotnet6-build\:edge:6.0.105-r0:*:*:*:*:*:*:* |
- | dotnet6-build\ | edge | cpe:2.3:a:-:dotnet6-build\:edge:6.0.103-r2:*:*:*:*:*:*:* |