Elevation of Privilege Vulnerability Affects Microsoft Products
CVE-2023-36049

7.6 HIGH

Key Information:

Badges

💰 Ransomware | 👾 Exploit Exists | 📰 News Worthy

Summary

A vulnerability with a high CVSS score has been identified in the .NET Framework, allowing elevation of privilege and security feature bypass. It specifically affects FTP operations and allows unauthorized users to write or delete files on the server, potentially leading to data loss, data corruption, or unauthorized access to sensitive information. Microsoft has released patches to address the flaw, and users are urged to apply the updates promptly to safeguard against potential attacks. Exploitation of this vulnerability could have a significant impact on affected systems, especially those relying on the .NET Framework for FTP operations.

Affected Version(s)

.NET 6.0 Unknown 6.0.0 < 6.0.25

.NET 7.0 Unknown 7.0.0 < 7.0.14

.NET 8.0 Unknown 1.0.0 < 8.0.0

News Articles

Veeam VBR 12.1 CVE-2023-36558 and CVE-2023-36049 Vulnerabilities | Veeam Community Resource Hub

Today, I noticed there are two fresh vulnerabilities on the VBR12.1 Manager and console servers. Certain .net core requirements are installed when the p...

10 months ago

Microsoft .NET Framework & Visual Studio Flaw Let Attackers Write or Delete Files

A vulnerability, CVE-2023-36049, has been identified in the Microsoft .NET Framework & Visual Studio, posing a serious threat to the integrity.

10 months ago

Zero Day Initiative — CVE-2023-36049: Microsoft .NET CRLF Injection Arbitrary File Write/Deletion Vulnerability

In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Justin Hung and Yazhi Wang of the Trend Micro Research Team detail a recently patched privilege escalation vulnerability in .NET Framework and Visual Studio. This bug was originally discovered by Piotr Bazydło of T

10 months ago

EPSS Score

0% chance of being exploited in the next 30 days.

CVSS V3.1

Score: 7.6
Severity: HIGH
Confidentiality: Low
Integrity: High
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • 💰 Used in Ransomware

  • 👾 Exploit known to exist

  • 📰 First article discovered by Zero Day Initiative

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD Database, Mitre Database, Microsoft Feed, 3 News Article(s)