VDB
CVE-2023-36758
CVE-2023-36758
PUBLISHED
Es existieren mehrere Schwachstellen in verschiedenen Microsoft Developer Tools. Die Fehler sind noch nicht im Detail beschrieben. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien auf SYSTEM zu erweitern. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
EPSS 0.16% · 36.0th percentile
Risk Scores
EPSS Score
0.16%
36.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft .NET Framework 3.5.1 | |
| Microsoft | Microsoft .NET Framework 4.8 | |
| Microsoft | Microsoft .NET Framework 4.7 | |
| Microsoft | Microsoft .NET Framework 4.7.1 | |
| Microsoft | Microsoft Visual Studio 2022 version 17.7 | |
| Red Hat | Red Hat Enterprise Linux | |
| Microsoft | Microsoft .NET Framework 4.8.1 | |
| Microsoft | Microsoft Visual Studio 2022 version 17.2 | |
| Microsoft | Microsoft Azure DevOps Server 2019.0.1 | |
| Microsoft | Microsoft Azure DevOps Server 2020.0.2 | |
| Microsoft | Microsoft Azure DevOps Server 2020.1.2 | |
| Microsoft | Microsoft Visual Studio 2022 version 17.6 | |
| Microsoft | Microsoft Visual Studio 2017 version 15.9 | |
| Microsoft | Microsoft Visual Studio 2022 version 17.4 | |
| Oracle | Oracle Linux | |
| Microsoft | Microsoft Visual Studio 2019 version 16.11 | |
| Microsoft | Microsoft .NET Framework 3.0 SP2 | |
| Microsoft | Microsoft Visual Studio Code | |
| Ubuntu | Ubuntu Linux | |
| Microsoft | Microsoft .NET Framework 2.0 SP2 |
…and 4 more
Exploit Intelligence
Timeline
- Sep 12, 2023 CVE Published
- Sep 13, 2023 EPSS Score
- Oct 15, 2023 EPSS Score
- Nov 17, 2023 EPSS Score
- Jan 21, 2024 EPSS Score
- Feb 22, 2024 EPSS Score
- Mar 25, 2024 EPSS Score
- Apr 27, 2024 EPSS Score
- May 29, 2024 EPSS Score
- Aug 2, 2024 EPSS Score
- Sep 4, 2024 EPSS Score
- Oct 6, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2333.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2333 advisory
- http://linux.oracle.com/errata/ELSA-2023-6245.html advisory
- https://linux.oracle.com/errata/ELSA-2023-6242.html advisory
- https://access.redhat.com/errata/RHSA-2023:6246 advisory
- https://linux.oracle.com/errata/ELSA-2023-6247.html advisory
- https://linux.oracle.com/errata/ELSA-2023-6246.html advisory
- https://www.cybersecurity-help.cz/vdb/SB2023102524 advisory
- https://ubuntu.com/security/notices/USN-6438-2 advisory
- https://linux.oracle.com/errata/ELSA-2023-5143.html advisory
- https://linux.oracle.com/errata/ELSA-2023-5144.html advisory
- https://linux.oracle.com/errata/ELSA-2023-5145.html advisory
- http://linux.oracle.com/errata/ELSA-2023-5146.html advisory
- https://securityonline.info/poc-exploit-published-for-visual-studio-code-rce-vulnerability-cve-2023-36742/ exploit
- http://linux.oracle.com/errata/ELSA-2023-5145.html advisory
- https://access.redhat.com/errata/RHSA-2023:5146 advisory
- https://access.redhat.com/errata/RHSA-2023:5145 advisory
- https://access.redhat.com/errata/RHSA-2023:5142 advisory
- https://access.redhat.com/errata/RHSA-2023:5143 advisory
- https://access.redhat.com/errata/RHSA-2023:5144 advisory
…and 2 more