CVE-2022-41034 — Vulnetix

Try Vulnetix Request Demo

CVE-2022-41034 PUBLISHED

Es existieren mehrere Schwachstellen in verschiedenen Microsoft Developer Tools, die noch nicht im Detail beschrieben sind. Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen und seine Berechtigungen zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.

EPSS 65.03% · 98.5th percentile

Risk Scores

EPSS Score

65.03%

98.5th percentile

Affected Products

Vendor	Product	Versions
Microsoft	Microsoft Visual Studio 2019 version 16.9
Ubuntu	Ubuntu Linux
Microsoft	Microsoft Visual Studio Code Jupyter Extension
Microsoft	Microsoft Visual Studio 2019 version 16.11
Oracle	Oracle Linux
Microsoft	Microsoft Visual Studio Code
Microsoft	Microsoft Visual Studio 2022 version 17.0
Microsoft	Microsoft Visual Studio 2022 version 17.3
Microsoft	Microsoft Visual Studio 2022 for Mac version 17.3
Red Hat	Red Hat Enterprise Linux
Microsoft	Microsoft Visual Studio 2022 version 17.2

Timeline

Oct 11, 2022 CVE Published
Oct 12, 2022 EPSS Score
Mar 7, 2023 EPSS Score
Nov 25, 2023 EPSS Score
Dec 8, 2023 EPSS Score
Jun 10, 2024 PoC Published
Jun 13, 2024 PoC Published
Jul 15, 2024 EPSS Score
Aug 27, 2024 EPSS Score
Sep 25, 2024 EPSS Score
Oct 24, 2024 EPSS Score
Nov 6, 2024 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1683.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1683 advisory
https://github.com/google/security-research/security/advisories/GHSA-pw56-c55x-cm9m advisory
https://linux.oracle.com/errata/ELSA-2022-8434.html advisory
https://linux.oracle.com/errata/ELSA-2022-7826.html advisory
https://access.redhat.com/errata/RHSA-2022:8434 advisory
https://msrc.microsoft.com/update-guide advisory
https://ubuntu.com/security/notices/USN-5670-1 advisory
https://linux.oracle.com/errata/ELSA-2022-6913.html advisory
http://linux.oracle.com/errata/ELSA-2022-6912.html advisory
http://linux.oracle.com/errata/ELSA-2022-6911.html advisory
https://access.redhat.com/errata/RHSA-2022:6911 advisory
https://access.redhat.com/errata/RHSA-2022:6915 advisory
https://access.redhat.com/errata/RHSA-2022:6912 advisory
https://access.redhat.com/errata/RHSA-2022:6913 advisory
https://access.redhat.com/errata/RHSA-2022:6914 advisory
https://access.redhat.com/errata/RHSA-2022:7826 advisory

Open in Interactive Console →