Description
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service.
Below is a complete list of vulnerabilities:
- A remote code execution vulnerability in .NET Core can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Visual Studio Code can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Sysinternals PsExec can be exploited remotely to gain privileges.
- A denial of service vulnerability in .NET Core and Visual Studio can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in Package Managers Configurations can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Visual Studio Code npm-script Extension can be exploited remotely to execute arbitrary code.
- A denial of service vulnerability in .NET Framework can be exploited remotely to cause denial of service.
Original advisories
- CVE-2021-1639
- CVE-2021-1733
- CVE-2021-1721
- CVE-2021-24105
- CVE-2021-26700
- CVE-2021-24111
- CVE-2021-24112
Exploitation
Public exploits exist for this vulnerability.
Related products
CVE list
- CVE-2021-26701 critical
- CVE-2021-1639 high
- CVE-2021-1733 critical
- CVE-2021-1721 high
- CVE-2021-24105 critical
- CVE-2021-26700 critical
- CVE-2021-24111 critical
- CVE-2021-24112 critical
KB list
- 4601354
- 4601318
- 4602960
- 4601056
- 4603002
- 4601050
- 4603004
- 4602961
- 4602959
- 4603003
- 4601051
- 4601887
- 4601054
- 4602958
- 4603005
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!