Multiple vulnerabilities in Microsoft Developer Tools

Description

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, gain privileges, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. An information disclosure vulnerability can be exploited remotely to obtain sensitive information.
2. An elevation of privilege vulnerability can be exploited remotely to gain privileges.
3. An elevation of privilege vulnerability in Visual Studio can be exploited remotely to gain privileges.
4. A remote code execution vulnerability can be exploited remotely to execute arbitrary code.
5. A remote code execution vulnerability in Visual Studio Code Python Extension can be exploited remotely to execute arbitrary code.
6. A remote code execution vulnerability in Visual Studio Code can be exploited remotely to execute arbitrary code.

Original advisories

• CVE-2025-48385

• CVE-2025-46334
• CVE-2025-49739
• CVE-2025-27614
• CVE-2025-27613
• CVE-2025-48384
• CVE-2025-49714
• CVE-2025-48386
• CVE-2025-46835

Related products

• Microsoft-Visual-Studio

CVE list

• CVE-2025-48385
  unknown
• CVE-2025-46334
  unknown
• CVE-2025-49739
  critical
• CVE-2025-27614
  unknown
• CVE-2025-27613
  unknown
• CVE-2025-48384
  unknown
• CVE-2025-49714
  critical
• CVE-2025-48386
  unknown
• CVE-2025-46835
  unknown

KB list

• 5063035

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com