NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
CVE-2024-0057

9.1CRITICAL

Key Information:

Vendor
Microsoft
Status
.net 8.0
.net 7.0
.net 6.0
Microsoft Visual Studio 2022 Version 17.2
Vendor
CVE Published:
9 January 2024

Badges

πŸ‘Ύ Exploit ExistsπŸ“° News Worthy

Summary

A vulnerability exists in the .NET Framework and Visual Studio that allows an attacker to bypass security features. This can enable unauthorized access to system functions that would typically be restricted. The potential exploit could lead to increased risk for applications utilizing these frameworks if not addressed. Microsoft has highlighted this in its advisory, emphasizing the need for developers and IT administrators to apply patches and updates to safeguard their environments from potential exploitation.

Affected Version(s)

.NET 6.0 Unknown 6.0.0 < 6.0.26

.NET 7.0 Unknown 7.0.0 < 7.0.15

.NET 8.0 Unknown 1.0.0 < 8.0.1

News Articles

favicon imageKaspersky Threats

Kaspersky Threats β€” KLA62822

Kaspersky Threats β€” KLA62822 Multiple vulnerabilities in Microsoft Developer Tools

1 year ago

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

CVSS V3.1

Score:
9.1
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • πŸ‘Ύ

    Exploit known to exist

  • πŸ“°

    First article discovered by Kaspersky Threats

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre DatabaseMicrosoft Feed1 News Article(s)
.