NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
CVE-2024-0057

9.1CRITICAL

Key Information:

Vendor

Microsoft
Status
.net 8.0
.net 7.0
.net 6.0
Microsoft Visual Studio 2022 Version 17.2
Vendor
CVE Published:
9 January 2024

Badges

👾 Exploit Exists📰 News Worthy

What is CVE-2024-0057?

A vulnerability exists in the .NET Framework and Visual Studio that allows an attacker to bypass security features. This can enable unauthorized access to system functions that would typically be restricted. The potential exploit could lead to increased risk for applications utilizing these frameworks if not addressed. Microsoft has highlighted this in its advisory, emphasizing the need for developers and IT administrators to apply patches and updates to safeguard their environments from potential exploitation.

Affected Version(s)

.NET 6.0 Unknown 6.0.0 < 6.0.26

.NET 7.0 Unknown 7.0.0 < 7.0.15

.NET 8.0 Unknown 8.0 < 8.0.1

News Articles

favicon imageKaspersky Threats

Kaspersky Threats — KLA62822

Kaspersky Threats — KLA62822 Multiple vulnerabilities in Microsoft Developer Tools

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

EPSS Score

8% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
9.1
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • 👾

    Exploit known to exist

  • 📰

    First article discovered by Kaspersky Threats

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2024-0057 : NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability