Multiple vulnerabilities in Microsoft Developer Tools

Описание

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, execute arbitrary code, cause denial of service.

Below is a complete list of vulnerabilities:

1. Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally.
2. Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.
3. Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network.
4. Improper verification of cryptographic signature in .NET allows an authorized attacker to execute code over a network.

Первичный источник обнаружения

• CVE-2025-26631
  CVE-2025-24998
  CVE-2025-25003
  CVE-2025-24070
  CVE-2025-24043
  

Связанные продукты

• Microsoft-Visual-Studio
• .NET

Список CVE

• CVE-2025-24043
  high
• CVE-2025-24070
  high
• CVE-2025-24998
  high
• CVE-2025-25003
  high
• CVE-2025-26631
  high

Список KB

• 5054229
• 5054230

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com