Privilege Elevation Vulnerability in Visual Studio by Microsoft
CVE-2025-29802
7.3HIGH
Key Information:
- Vendor
- Microsoft
- Status
- Vendor
- CVE Published:
- 8 April 2025
Summary
A security issue in Microsoft Visual Studio allows an attacker with authorized access to elevate their privileges locally. This improper access control vulnerability can potentially lead to unauthorized actions within the development environment, posing a risk to the integrity and confidentiality of the projects being developed. It is essential for users to review their security configurations and implement necessary updates to mitigate this risk.
Affected Version(s)
Microsoft Visual Studio 2022 version 17.10 Unknown 17.10 < 17.10.13
Microsoft Visual Studio 2022 version 17.12 Unknown 17.0 < 17.12.7
Microsoft Visual Studio 2022 version 17.8 Unknown 17.8.0 < 17.8.20
References
CVSS V3.1
Score:
7.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved