VDB
CVE-2019-1077
CVE-2019-1077
PUBLISHED
CVSS 5 MEDIUM
An elevation of privilege vulnerability exists when the Visual Studio updater service improperly handles file permissions, aka 'Visual Studio Elevation of Privilege Vulnerability'.
EPSS 0.56% · 68.6th percentile
Risk Scores
CVSS 3.0
5
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
EPSS Score
0.56%
68.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft Visual Studio 2017 | version 15.9 |
| microsoft | visual_studio_2017 | 15.9 |
| Microsoft | Microsoft Visual Studio 2019 | 16.0, 16.1 |
| microsoft | visual_studio_2019 | 16.0, 16.1 |
Exploit Intelligence
Timeline
- Jul 10, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score