CVE-2023-36867 — Vulnetix

CVE-2023-36867 PUBLISHED

In Microsoft Visual Studio 2022, Microsoft Visual Studio Code und Microsoft .NET Framework existieren mehrere Schwachstellen. Diese werden von Microsoft nicht im Detail beschrieben. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Sicherheitsvorkehrungen zu umgehen oder Dateien zu manipulieren.

EPSS 0.28% · 52.0th percentile

Risk Scores

EPSS Score

0.28%

52.0th percentile

Affected Products

Vendor	Product	Versions
Microsoft	Microsoft Visual Studio 2022 version 17.0
Microsoft	Microsoft Visual Studio Code Mono 6.12.0
Fedora	Fedora Linux
Microsoft	Microsoft Visual Studio 2022 version 17.6
Microsoft	Microsoft .NET Framework 6.0
Microsoft	Microsoft Visual Studio Code - GitHub Pull Requests and Issues Extension
Ubuntu	Ubuntu Linux
Microsoft	Microsoft Visual Studio 2022 version 17.2
Microsoft	Microsoft Visual Studio 2022 version 17.4
Oracle	Oracle Linux
Microsoft	Microsoft .NET Framework 7.0
Red Hat	Red Hat Enterprise Linux
Microsoft	Microsoft Visual Studio Code PandocUpload

Exploit Intelligence

https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1 (msrc)
cve_test.go (github-poc)
cve_test.go (github-poc)
cve_test.go (github-poc)
cve_test.go (github-poc)
cve_test.go (github-poc)
cve_test.go (github-poc)
cve_test.go (github-poc)
cve_test.go (github-poc)
cve_test.go (github-poc)

…and 3 more exploits

Timeline

Jul 11, 2023 CVE Published
Jul 12, 2023 EPSS Score
Aug 10, 2023 CVE Updated
Aug 16, 2023 EPSS Score
Sep 19, 2023 EPSS Score
Nov 27, 2023 EPSS Score
Jan 1, 2024 EPSS Score
Feb 5, 2024 EPSS Score
Mar 10, 2024 EPSS Score
May 18, 2024 EPSS Score
Jun 22, 2024 EPSS Score
Jul 26, 2024 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1722.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1722 advisory
https://oss.oracle.com/pipermail/el-errata/2023-August/014361.html advisory
https://oss.oracle.com/pipermail/el-errata/2023-August/014362.html advisory
https://oss.oracle.com/pipermail/el-errata/2023-August/014278.html advisory
https://access.redhat.com/errata/RHSA-2023:4448 advisory
https://access.redhat.com/errata/RHSA-2023:4449 advisory
https://linux.oracle.com/errata/ELSA-2023-4060.html advisory
https://access.redhat.com/errata/RHSA-2023:4058 advisory
https://bodhi.fedoraproject.org/updates/FEDORA-2023-18264c31f6 advisory
https://bodhi.fedoraproject.org/updates/FEDORA-2023-4a48637c3f advisory
https://bodhi.fedoraproject.org/updates/FEDORA-2023-d25e798d6c advisory
https://bodhi.fedoraproject.org/updates/FEDORA-2023-feda45bc39 advisory
https://access.redhat.com/errata/RHSA-2023:4059 advisory
https://access.redhat.com/errata/RHSA-2023:4060 advisory
https://access.redhat.com/errata/RHSA-2023:4061 advisory
https://access.redhat.com/errata/RHSA-2023:4057 advisory
https://ubuntu.com/security/notices/USN-6217-1 advisory
https://msrc.microsoft.com/update-guide advisory

Open in Interactive Console →