Multiple vulnerabilities in Microsoft Developer Tools

Description

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Visual Studio Code ESLint Extension can be exploited remotely to execute arbitrary code.
2. A remote code execution vulnerability in Visual Studio Code can be exploited remotely to execute arbitrary code.
3. A remote code execution vulnerability in Git for Visual Studio can be exploited remotely to execute arbitrary code.
4. A remote code execution vulnerability in Quantum Development Kit for Visual Studio Code can be exploited remotely to execute arbitrary code.
5. A remote code execution vulnerability in Remote Development Extension for Visual Studio Code can be exploited remotely to execute arbitrary code.
6. A remote code execution vulnerability in Visual Studio Code Java Extension Pack can be exploited remotely to execute arbitrary code.

Original advisories

• CVE-2021-27081

• CVE-2021-27060
• CVE-2021-21300
• CVE-2021-27082
• CVE-2021-27083
• CVE-2021-27084

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

• Microsoft-Visual-Studio

CVE list

• CVE-2021-27081
  critical
• CVE-2021-27060
  critical
• CVE-2021-21300
  critical
• CVE-2021-27082
  critical
• CVE-2021-27083
  critical
• CVE-2021-27084
  critical

KB list

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com