VDB
CVE-2023-36788
CVE-2023-36788
PUBLISHED
Es existieren mehrere Schwachstellen in verschiedenen Microsoft Developer Tools. Die Fehler sind noch nicht im Detail beschrieben. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien auf SYSTEM zu erweitern. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
EPSS 0.28% · 51.8th percentile
Risk Scores
EPSS Score
0.28%
51.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle | Oracle Linux | |
| Microsoft | Microsoft Azure DevOps Server 2020.1.2 | |
| Microsoft | Microsoft Azure DevOps Server 2019.0.1 | |
| Microsoft | Microsoft Visual Studio 2022 version 17.4 | |
| Microsoft | Microsoft .NET Framework 4.6.2 | |
| Microsoft | Microsoft .NET Framework 4.7.2 | |
| Ubuntu | Ubuntu Linux | |
| Microsoft | Microsoft Visual Studio 2022 version 17.2 | |
| Microsoft | Microsoft .NET Framework 4.8 | |
| Microsoft | Microsoft .NET Framework 3.0 SP2 | |
| Red Hat | Red Hat Enterprise Linux | |
| Microsoft | Microsoft .NET Framework 4.8.1 | |
| Microsoft | Microsoft Visual Studio 2017 version 15.9 | |
| Microsoft | Microsoft .NET Framework 4.7.1 | |
| Microsoft | Microsoft .NET Framework 3.5 | |
| Microsoft | Microsoft .NET Framework 4.7 | |
| Microsoft | Microsoft Azure DevOps Server 2020.0.2 | |
| Microsoft | Microsoft Visual Studio 2022 version 17.7 | |
| Microsoft | Microsoft Azure DevOps Server 2019.1.2 | |
| Microsoft | Microsoft Visual Studio 2022 version 17.6 |
…and 4 more
Exploit Intelligence
Timeline
- Sep 12, 2023 CVE Published
- Sep 13, 2023 EPSS Score
- Oct 15, 2023 EPSS Score
- Nov 17, 2023 EPSS Score
- Jan 21, 2024 EPSS Score
- Feb 22, 2024 EPSS Score
- Mar 25, 2024 EPSS Score
- Apr 27, 2024 EPSS Score
- May 29, 2024 EPSS Score
- Aug 2, 2024 EPSS Score
- Sep 4, 2024 EPSS Score
- Oct 6, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2333.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2333 advisory
- http://linux.oracle.com/errata/ELSA-2023-6245.html advisory
- https://linux.oracle.com/errata/ELSA-2023-6242.html advisory
- https://access.redhat.com/errata/RHSA-2023:6246 advisory
- https://linux.oracle.com/errata/ELSA-2023-6247.html advisory
- https://linux.oracle.com/errata/ELSA-2023-6246.html advisory
- https://www.cybersecurity-help.cz/vdb/SB2023102524 advisory
- https://ubuntu.com/security/notices/USN-6438-2 advisory
- https://linux.oracle.com/errata/ELSA-2023-5143.html advisory
- https://linux.oracle.com/errata/ELSA-2023-5144.html advisory
- https://linux.oracle.com/errata/ELSA-2023-5145.html advisory
- http://linux.oracle.com/errata/ELSA-2023-5146.html advisory
- https://securityonline.info/poc-exploit-published-for-visual-studio-code-rce-vulnerability-cve-2023-36742/ exploit
- http://linux.oracle.com/errata/ELSA-2023-5145.html advisory
- https://access.redhat.com/errata/RHSA-2023:5146 advisory
- https://access.redhat.com/errata/RHSA-2023:5145 advisory
- https://access.redhat.com/errata/RHSA-2023:5142 advisory
- https://access.redhat.com/errata/RHSA-2023:5143 advisory
- https://access.redhat.com/errata/RHSA-2023:5144 advisory
…and 2 more