NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability

CVE-2024-0057
9.1CRITICAL

Key Information

Vendor
Microsoft
Status
.net 8.0
.net 7.0
.net 6.0
Microsoft Visual Studio 2022 Version 17.2
Vendor
CVE Published:
9 January 2024

Badges

👾 Exploit Exists📰 News Worthy

Summary

NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability

Affected Version(s)

.NET 8.0 < 8.0.1

.NET 7.0 < 7.0.15

.NET 6.0 < 6.0.26

News Articles

favicon imageKaspersky Threats

Kaspersky Threats — KLA62822

Kaspersky Threats — KLA62822 Multiple vulnerabilities in Microsoft Developer Tools

8 months ago

CVSS V3.1

Score:
9.1
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • 👾

    Exploit exists.

  • Risk change from: 9.8 to: 9.1 - (CRITICAL)

  • Risk change from: 9.8 to: 9.1 - (CRITICAL)

  • Risk change from: 9.8 to: 9.1 - (CRITICAL)

  • Risk change from: 9.8 to: 9.1 - (CRITICAL)

  • First article discovered by Kaspersky Threats

  • Vulnerability published.

  • Vulnerability Reserved.

Collectors

NVD DatabaseMitre DatabaseMicrosoft Feed1 News Article(s)
.