VDB
CVE-2023-36759
CVE-2023-36759
PUBLISHED
Es existieren mehrere Schwachstellen in verschiedenen Microsoft Developer Tools. Die Fehler sind noch nicht im Detail beschrieben. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien auf SYSTEM zu erweitern. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
EPSS 0.33% · 55.9th percentile
Risk Scores
EPSS Score
0.33%
55.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft Azure DevOps Server 2020.1.2 | |
| Microsoft | Microsoft .NET Framework 3.5.1 | |
| Microsoft | Microsoft Azure DevOps Server 2020.0.2 | |
| Ubuntu | Ubuntu Linux | |
| Microsoft | Microsoft .NET Framework 3.0 SP2 | |
| Microsoft | Microsoft .NET Framework 3.5 | |
| Microsoft | Microsoft Visual Studio 2022 version 17.6 | |
| Microsoft | Microsoft .NET Framework 4.8.1 | |
| Microsoft | Microsoft Azure DevOps Server 2019.1.2 | |
| Microsoft | Microsoft Visual Studio 2022 version 17.4 | |
| Microsoft | Microsoft .NET Framework 4.7.2 | |
| Microsoft | Microsoft Visual Studio 2022 version 17.2 | |
| Microsoft | Microsoft .NET Framework 4.6.2 | |
| Microsoft | Microsoft .NET Framework 2.0 SP2 | |
| Microsoft | Microsoft .NET Framework 4.8 | |
| Microsoft | Microsoft .NET Framework 4.7 | |
| Microsoft | Microsoft Visual Studio 2022 version 17.7 | |
| Oracle | Oracle Linux | |
| Microsoft | Microsoft Visual Studio Code | |
| Microsoft | Microsoft Azure DevOps Server 2019.0.1 |
…and 4 more
Exploit Intelligence
Timeline
- Sep 12, 2023 CVE Published
- Sep 13, 2023 EPSS Score
- Oct 15, 2023 EPSS Score
- Nov 17, 2023 EPSS Score
- Jan 21, 2024 EPSS Score
- Feb 22, 2024 EPSS Score
- Mar 25, 2024 EPSS Score
- Apr 27, 2024 EPSS Score
- May 29, 2024 EPSS Score
- Jul 1, 2024 EPSS Score
- Sep 4, 2024 EPSS Score
- Oct 6, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2333.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2333 advisory
- http://linux.oracle.com/errata/ELSA-2023-6245.html advisory
- https://linux.oracle.com/errata/ELSA-2023-6242.html advisory
- https://access.redhat.com/errata/RHSA-2023:6246 advisory
- https://linux.oracle.com/errata/ELSA-2023-6247.html advisory
- https://linux.oracle.com/errata/ELSA-2023-6246.html advisory
- https://www.cybersecurity-help.cz/vdb/SB2023102524 advisory
- https://ubuntu.com/security/notices/USN-6438-2 advisory
- https://linux.oracle.com/errata/ELSA-2023-5143.html advisory
- https://linux.oracle.com/errata/ELSA-2023-5144.html advisory
- https://linux.oracle.com/errata/ELSA-2023-5145.html advisory
- http://linux.oracle.com/errata/ELSA-2023-5146.html advisory
- https://securityonline.info/poc-exploit-published-for-visual-studio-code-rce-vulnerability-cve-2023-36742/ exploit
- http://linux.oracle.com/errata/ELSA-2023-5145.html advisory
- https://access.redhat.com/errata/RHSA-2023:5146 advisory
- https://access.redhat.com/errata/RHSA-2023:5145 advisory
- https://access.redhat.com/errata/RHSA-2023:5142 advisory
- https://access.redhat.com/errata/RHSA-2023:5143 advisory
- https://access.redhat.com/errata/RHSA-2023:5144 advisory
…and 2 more