Elevation of Privilege Vulnerability in Visual Studio Code JS Debug Extension by Microsoft
CVE-2025-24042
7.3HIGH
Key Information:
- Vendor
- Microsoft
- Vendor
- CVE Published:
- 11 February 2025
Summary
The JS Debug Extension for Visual Studio Code contains a vulnerability that allows an attacker to gain elevated privileges. This flaw can lead to unauthorized access to sensitive system resources, enabling potential exploitation and compromise of user data within development environments. Mitigating this vulnerability is crucial for maintaining the integrity and security of applications developed using Visual Studio Code.
Affected Version(s)
Visual Studio Code - JS Debug Extension Unknown 1.0.0 < 1.97.1
References
CVSS V3.1
Score:
7.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved