VDB
CNVD-2024-11163
CNVD-2024-11163
PUBLISHED
CVSS 7.800000190734863 HIGH
Microsoft Visual Studio是美国微软(Microsoft)公司的一款开发工具套件系列产品,也是一个基本完整的开发工具集,它包括了整个软件生命周期中所需要的大部分工具。 Microsoft Visual Studio存在权限提升漏洞,攻击者可利用此漏洞获取SYSTEM权限。
Risk Scores
CVSS v3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft Visual Studio 2015 Update 3 | 14.0.0 |
| Microsoft | Microsoft Visual Studio 2022 version 17.6 | 17.6.0 |
| microsoft | visual_studio_2017 | 15.9.0 |
| Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) | 15.9.0 |
| Microsoft | Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) | 16.11.0 |
| microsoft | visual_studio_2019 | 16.11.0 |
| microsoft | visual_studio | 14.0.0, 17.6.0 |
| Microsoft | Microsoft Visual Studio 2022 version 17.4 | 17.4.0 |
| Microsoft | Microsoft Visual Studio 2022 version 17.2 | 17.2.0 |
| microsoft | visual_studio_2022 | 17.2.0, 17.4.0 |
Timeline
- Jan 9, 2024 CVE Published
- Jan 9, 2024 PoC Published
- Jan 9, 2024 PoC Published
- Jan 12, 2024 CVE ID Reserved
- Jan 12, 2024 PoC Published
- Jan 12, 2024 PoC Published
- Jan 12, 2024 PoC Published
- Jan 12, 2024 PoC Published
- Jan 13, 2024 PoC Published
- Jan 13, 2024 PoC Published
- Jan 13, 2024 PoC Published
- Jan 13, 2024 PoC Published
References
- Visual Studio Elevation of Privilege Vulnerability vendor-advisory