Kaspersky ID:
KLA60561
Дата обнаружения:
12/09/2023
Обновлено:
25/01/2024

Описание

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service.

Below is a complete list of vulnerabilities:

  1. A remote code execution vulnerability in Visual Studio can be exploited remotely to execute arbitrary code.
  2. A remote code execution vulnerability in .NET Framework can be exploited remotely to execute arbitrary code.
  3. A remote code execution vulnerability in Visual Studio Code can be exploited remotely to execute arbitrary code.
  4. A remote code execution vulnerability can be exploited remotely to execute arbitrary code.
  5. A remote code execution vulnerability in Azure DevOps Server can be exploited remotely to gain privileges.
  6. A remote code execution vulnerability in Azure DevOps Server can be exploited remotely to execute arbitrary code.
  7. An elevation of privilege vulnerability in Visual Studio can be exploited remotely to gain privileges.
  8. A denial of service vulnerability in .NET Core and Visual Studio can be exploited remotely to cause denial of service.

Первичный источник обнаружения

Связанные продукты

Список CVE

  • CVE-2023-39956
    high
  • CVE-2023-36793
    critical
  • CVE-2023-36796
    critical
  • CVE-2023-36788
    critical
  • CVE-2023-36742
    critical
  • CVE-2023-36792
    critical
  • CVE-2023-38155
    critical
  • CVE-2023-33136
    critical
  • CVE-2023-36759
    high
  • CVE-2023-36799
    high
  • CVE-2023-36794
    critical
  • CVE-2023-36758
    critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Kaspersky IT Security Calculator:
Оцените ваш профиль кибербезопасности
Узнать больше
Встречай новый Kaspersky!
Каждая минута твоей онлайн-жизни заслуживает топовой защиты.
Узнать больше
Confirm changes?
Your message has been sent successfully.