Multiple vulnerabilities in Microsoft Developer Tools

Description

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in SysInternals Sysmon for Windows can be exploited remotely to gain privileges.
2. An information disclosure vulnerability in Visual Studio Code can be exploited remotely to obtain sensitive information.

Original advisories

• CVE-2023-29343

• CVE-2023-29338

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

• Microsoft-Visual-Studio
• Microsoft-Windows

CVE list

• CVE-2023-29343
  critical
• CVE-2023-29338
  high

KB list

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com