VDB
CVE-2022-41034
CVE-2022-41034
PUBLISHED
Es existieren mehrere Schwachstellen in verschiedenen Microsoft Developer Tools, die noch nicht im Detail beschrieben sind. Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen und seine Berechtigungen zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
EPSS 63.20% · 98.4th percentile
Risk Scores
EPSS Score
63.20%
98.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft Visual Studio 2019 version 16.9 | |
| Ubuntu | Ubuntu Linux | |
| Microsoft | Microsoft Visual Studio Code Jupyter Extension | |
| Microsoft | Microsoft Visual Studio 2019 version 16.11 | |
| Oracle | Oracle Linux | |
| Microsoft | Microsoft Visual Studio Code | |
| Microsoft | Microsoft Visual Studio 2022 version 17.0 | |
| Microsoft | Microsoft Visual Studio 2022 version 17.3 | |
| Microsoft | Microsoft Visual Studio 2022 for Mac version 17.3 | |
| Red Hat | Red Hat Enterprise Linux | |
| Microsoft | Microsoft Visual Studio 2022 version 17.2 |
Exploit Intelligence
- andyhsu024/CVE-2022-41034 (github-poc-repo)
- andyhsu024/CVE-2022-41034 (github-poc-repo)
- andyhsu024/CVE-2022-41034 (github-poc-repo)
- andyhsu024/CVE-2022-41034 (github-poc-repo)
- andyhsu024/CVE-2022-41034 (github-poc-repo)
- andyhsu024/CVE-2022-41034 (github-poc-repo)
- andyhsu024/CVE-2022-41034 (github-poc)
- andyhsu024/CVE-2022-41034 (github-poc)
- andyhsu024/CVE-2022-41034 (github-poc)
- andyhsu024/CVE-2022-41034 (github-poc)
…and 11 more exploits
Timeline
- Oct 11, 2022 CVE Published
- Oct 12, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Nov 25, 2023 EPSS Score
- Jun 10, 2024 PoC Published
- Jun 11, 2024 EPSS Score
- Jun 13, 2024 PoC Published
- Jul 15, 2024 EPSS Score
- Aug 27, 2024 EPSS Score
- Sep 25, 2024 EPSS Score
- Oct 24, 2024 EPSS Score
- Nov 6, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1683.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1683 advisory
- https://github.com/google/security-research/security/advisories/GHSA-pw56-c55x-cm9m advisory
- https://linux.oracle.com/errata/ELSA-2022-8434.html advisory
- https://linux.oracle.com/errata/ELSA-2022-7826.html advisory
- https://access.redhat.com/errata/RHSA-2022:8434 advisory
- https://msrc.microsoft.com/update-guide advisory
- https://ubuntu.com/security/notices/USN-5670-1 advisory
- https://linux.oracle.com/errata/ELSA-2022-6913.html advisory
- http://linux.oracle.com/errata/ELSA-2022-6912.html advisory
- http://linux.oracle.com/errata/ELSA-2022-6911.html advisory
- https://access.redhat.com/errata/RHSA-2022:6911 advisory
- https://access.redhat.com/errata/RHSA-2022:6915 advisory
- https://access.redhat.com/errata/RHSA-2022:6912 advisory
- https://access.redhat.com/errata/RHSA-2022:6913 advisory
- https://access.redhat.com/errata/RHSA-2022:6914 advisory
- https://access.redhat.com/errata/RHSA-2022:7826 advisory