Vulnerability Details : CVE-2022-24512
.NET and Visual Studio Remote Code Execution Vulnerability
Vulnerability category: Execute code
Products affected by CVE-2022-24512
- cpe:2.3:a:microsoft:.net_core:3.1:-:*:*:*:*:*:*
- cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
- Microsoft » Visual Studio 2019Versions from including (>=) 16.10.0 and up to, including, (<=) 16.10.4cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
- Microsoft » Visual Studio 2019Versions from including (>=) 16.8.0 and up to, including, (<=) 16.8.7cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:.net:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:.net:6.0.0:-:*:*:*:*:*:*
- cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-24512
1.15%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 85 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-24512
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST | |
6.3
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
2.8
|
3.4
|
NIST | |
6.3
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
2.8
|
3.4
|
Microsoft Corporation |
References for CVE-2022-24512
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/
[SECURITY] Fedora 35 Update: dotnet3.1-3.1.417-1.fc35 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/
[SECURITY] Fedora 34 Update: dotnet6.0-6.0.103-1.fc34 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/
[SECURITY] Fedora 36 Update: dotnet6.0-6.0.103-1.fc36 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/
[SECURITY] Fedora 34 Update: dotnet3.1-3.1.417-1.fc34 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/
[SECURITY] Fedora 35 Update: dotnet6.0-6.0.103-1.fc35 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24512
CVE-2022-24512 - Security Update Guide - Microsoft - .NET and Visual Studio Remote Code Execution VulnerabilityPatch;Vendor Advisory
-
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512
CVE-2022-24512 - Security Update Guide - Microsoft - .NET and Visual Studio Remote Code Execution VulnerabilityPatch;Vendor Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/
[SECURITY] Fedora 36 Update: dotnet3.1-3.1.417-1.fc36 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
Jump to