.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
CVE-2024-38081

7.3HIGH

Summary

The vulnerability in .NET, .NET Framework, and Visual Studio allows an attacker to exploit the system and gain elevated privileges. By leveraging this security flaw, malicious actors can execute unauthorized commands and access sensitive data, potentially compromising the integrity and confidentiality of the system. This highlights the importance of prompt security updates and good practices in maintaining software integrity to safeguard against unauthorized exploitation.

Affected Version(s)

.NET 6.0 Unknown 6.0.0 < 6.0.32

Microsoft .NET Framework 2.0 Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 2.0.0 < 2.0.50727.8977

Microsoft .NET Framework 3.0 Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 3.0.0 < 2.0.50727.8977

References

EPSS Score

0% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

Collectors

NVD DatabaseMitre DatabaseMicrosoft Feed
.