MSRC_CVE-2023-24897
Vulnerability from csaf_microsoft - Published: 2023-06-13 07:00 - Updated: 2023-06-29 07:00Summary
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
Severity
Important
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
Customer Action: Required. The vulnerability documented by this CVE requires customer action to resolve.
CWE-122
- Heap-based Buffer Overflow
Vendor Fix
15.9.55:Security Update:https://docs.microsoft.com/en-us/visualstudio/releasenotes/vs2017-relnotes
https://docs.microsoft.com/en-us/visualstudio/rel…
Vendor Fix
17.2.16:Security Update:https://docs.microsoft.com/en-us/visualstudio/releases/2022/release-notes
https://docs.microsoft.com/en-us/visualstudio/rel…
Vendor Fix
16.11.27:Security Update:https://docs.microsoft.com/en-us/visualstudio/releases/2019/release-notes-v16.11
https://docs.microsoft.com/en-us/visualstudio/rel…
Vendor Fix
17.0.22:Security Update:https://docs.microsoft.com/en-us/visualstudio/releases/2022/release-notes-v17.0
https://docs.microsoft.com/en-us/visualstudio/rel…
Vendor Fix
17.4.8:Security Update:https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes
https://learn.microsoft.com/en-us/visualstudio/re…
Vendor Fix
12.0.40700.0:Security Update:https://support.microsoft.com/help/5026610
https://support.microsoft.com/help/5026610
Vendor Fix
14.0.27555.0:Security Update:https://support.microsoft.com/help/5025792
https://support.microsoft.com/help/5025792
Vendor Fix
7.0.7:Security Update:https://support.microsoft.com/help/5027798
https://support.microsoft.com/help/5027798
Vendor Fix
6.0.18:Security Update:https://support.microsoft.com/help/5027797
https://support.microsoft.com/help/5027797
Vendor Fix
17.6.3:Security Update:https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes
https://learn.microsoft.com/en-us/visualstudio/re…
Vendor Fix
7.2.12:Security Update:https://github.com/PowerShell/Announcements/issues/40
https://github.com/PowerShell/Announcements/issues/40
Vendor Fix
4.8.4644.0:Security Update:https://support.microsoft.com/help/5027544
https://support.microsoft.com/help/5027544
Vendor Fix
4.8.4644.0:Monthly Rollup:https://support.microsoft.com/help/5027540
https://support.microsoft.com/help/5027540
Vendor Fix
4.8.4644.0:Security Only:https://support.microsoft.com/help/5027531
https://support.microsoft.com/help/5027531
Vendor Fix
4.8.4644.0:Monthly Rollup:https://support.microsoft.com/help/5027542
https://support.microsoft.com/help/5027542
Vendor Fix
4.8.4644.0:Security Only:https://support.microsoft.com/help/5027533
https://support.microsoft.com/help/5027533
Vendor Fix
4.8.4644.0:Security Update:https://support.microsoft.com/help/5027536
https://support.microsoft.com/help/5027536
Vendor Fix
4.8.4644.0:Security Update:https://support.microsoft.com/help/5027123
https://support.microsoft.com/help/5027123
Vendor Fix
4.8.4644.0:Monthly Rollup:https://support.microsoft.com/help/5027541
https://support.microsoft.com/help/5027541
Vendor Fix
4.8.4644.0:Security Only:https://support.microsoft.com/help/5027532
https://support.microsoft.com/help/5027532
Vendor Fix
4.8.4644.0:Security Update:https://support.microsoft.com/help/5027539
https://support.microsoft.com/help/5027539
Vendor Fix
4.8.4644.0:Security Update:https://support.microsoft.com/help/5027537
https://support.microsoft.com/help/5027537
Vendor Fix
4.8.4644.0:Security Update:https://support.microsoft.com/help/5027538
https://support.microsoft.com/help/5027538
Vendor Fix
4.7.4050.0:Security Update:https://support.microsoft.com/help/5027536
https://support.microsoft.com/help/5027536
Vendor Fix
10.0.14393.5989:Security Update:https://support.microsoft.com/help/5027219
https://support.microsoft.com/help/5027219
Vendor Fix
4.7.04043.0:Monthly Rollup:https://support.microsoft.com/help/5027540
https://support.microsoft.com/help/5027540
Vendor Fix
4.7.4050.0:Security Only:https://support.microsoft.com/help/5027531
https://support.microsoft.com/help/5027531
Vendor Fix
4.7.04043.0:Monthly Rollup:https://support.microsoft.com/help/5027541
https://support.microsoft.com/help/5027541
Vendor Fix
4.7.4050.0:Security Only:https://support.microsoft.com/help/5027532
https://support.microsoft.com/help/5027532
Vendor Fix
4.7.04043.0:Monthly Rollup:https://support.microsoft.com/help/5027542
https://support.microsoft.com/help/5027542
Vendor Fix
4.7.4050.0:Security Only:https://support.microsoft.com/help/5027533
https://support.microsoft.com/help/5027533
Vendor Fix
4.8.9166.0:Security Update:https://support.microsoft.com/help/5027544
https://support.microsoft.com/help/5027544
Vendor Fix
4.8.9166.0:Security Update:https://support.microsoft.com/help/5027539
https://support.microsoft.com/help/5027539
Vendor Fix
4.8.9166.0:Security Update:https://support.microsoft.com/help/5027537
https://support.microsoft.com/help/5027537
Vendor Fix
4.8.9166.0:Security Update:https://support.microsoft.com/help/5027119
https://support.microsoft.com/help/5027119
Vendor Fix
4.8.9166.0:Security Update:https://support.microsoft.com/help/5027538
https://support.microsoft.com/help/5027538
Vendor Fix
4.7.04043.0:Monthly Rollup:https://support.microsoft.com/help/5027543
https://support.microsoft.com/help/5027543
Vendor Fix
4.7.4050.0:Security Only:https://support.microsoft.com/help/5027534
https://support.microsoft.com/help/5027534
Vendor Fix
10.0.10240.19983:Security Update:https://support.microsoft.com/help/5027230
https://support.microsoft.com/help/5027230
References
Acknowledgments
goodbyeselene
HAO LI of VenusTech ADLab
goodbyeselene
{
"document": {
"acknowledgments": [
{
"names": [
"goodbyeselene"
]
},
{
"names": [
"HAO LI of VenusTech ADLab"
]
},
{
"names": [
"goodbyeselene"
]
}
],
"aggregate_severity": {
"namespace": "https://www.microsoft.com/en-us/msrc/security-update-severity-rating-system",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
},
{
"category": "general",
"text": "Required. The vulnerability documented by this CVE requires customer action to resolve.",
"title": "Customer Action"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2023-24897 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability - HTML",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24897"
},
{
"category": "self",
"summary": "CVE-2023-24897 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability - CSAF",
"url": "https://msrc.microsoft.com/csaf/2023/msrc_cve-2023-24897.json"
},
{
"category": "external",
"summary": "Microsoft Exploitability Index",
"url": "https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability",
"tracking": {
"current_release_date": "2023-06-29T07:00:00.000Z",
"generator": {
"date": "2025-01-01T01:43:29.838Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2023-24897",
"initial_release_date": "2023-06-13T07:00:00.000Z",
"revision_history": [
{
"date": "2023-06-13T07:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2023-06-29T07:00:00.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Revised the Security Updates table to include PowerShell 7.2 because this version of PowerShell 7 is affected by this vulnerability. See [https://github.com/PowerShell/Announcements/issues/40](https://github.com/PowerShell/Announcements/issues/40) for more information."
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c15.9.55",
"product": {
"name": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) \u003c15.9.55",
"product_id": "66"
}
},
{
"category": "product_version",
"name": "15.9.55",
"product": {
"name": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) 15.9.55",
"product_id": "11600"
}
}
],
"category": "product_name",
"name": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c17.2.16",
"product": {
"name": "Microsoft Visual Studio 2022 version 17.2 \u003c17.2.16",
"product_id": "22"
}
},
{
"category": "product_version",
"name": "17.2.16",
"product": {
"name": "Microsoft Visual Studio 2022 version 17.2 17.2.16",
"product_id": "12051"
}
}
],
"category": "product_name",
"name": "Microsoft Visual Studio 2022 version 17.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c16.11.27",
"product": {
"name": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) \u003c16.11.27",
"product_id": "26"
}
},
{
"category": "product_version",
"name": "16.11.27",
"product": {
"name": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) 16.11.27",
"product_id": "11935"
}
}
],
"category": "product_name",
"name": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c17.0.22",
"product": {
"name": "Microsoft Visual Studio 2022 version 17.0 \u003c17.0.22",
"product_id": "25"
}
},
{
"category": "product_version",
"name": "17.0.22",
"product": {
"name": "Microsoft Visual Studio 2022 version 17.0 17.0.22",
"product_id": "11969"
}
}
],
"category": "product_name",
"name": "Microsoft Visual Studio 2022 version 17.0"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c17.4.8",
"product": {
"name": "Microsoft Visual Studio 2022 version 17.4 \u003c17.4.8",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "17.4.8",
"product": {
"name": "Microsoft Visual Studio 2022 version 17.4 17.4.8",
"product_id": "12129"
}
}
],
"category": "product_name",
"name": "Microsoft Visual Studio 2022 version 17.4"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c12.0.40700.0",
"product": {
"name": "Microsoft Visual Studio 2013 Update 5 \u003c12.0.40700.0",
"product_id": "68"
}
},
{
"category": "product_version",
"name": "12.0.40700.0",
"product": {
"name": "Microsoft Visual Studio 2013 Update 5 12.0.40700.0",
"product_id": "10566"
}
}
],
"category": "product_name",
"name": "Microsoft Visual Studio 2013 Update 5"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c14.0.27555.0",
"product": {
"name": "Microsoft Visual Studio 2015 Update 3 \u003c14.0.27555.0",
"product_id": "67"
}
},
{
"category": "product_version",
"name": "14.0.27555.0",
"product": {
"name": "Microsoft Visual Studio 2015 Update 3 14.0.27555.0",
"product_id": "10577"
}
}
],
"category": "product_name",
"name": "Microsoft Visual Studio 2015 Update 3"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.0.7",
"product": {
"name": ".NET 7.0 \u003c7.0.7",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "7.0.7",
"product": {
"name": ".NET 7.0 7.0.7",
"product_id": "12130"
}
}
],
"category": "product_name",
"name": ".NET 7.0"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.0.18",
"product": {
"name": ".NET 6.0 \u003c6.0.18",
"product_id": "23"
}
},
{
"category": "product_version",
"name": "6.0.18",
"product": {
"name": ".NET 6.0 6.0.18",
"product_id": "12009"
}
}
],
"category": "product_name",
"name": ".NET 6.0"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c17.6.3",
"product": {
"name": "Microsoft Visual Studio 2022 version 17.6 \u003c17.6.3",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "17.6.3",
"product": {
"name": "Microsoft Visual Studio 2022 version 17.6 17.6.3",
"product_id": "12187"
}
}
],
"category": "product_name",
"name": "Microsoft Visual Studio 2022 version 17.6"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.2.12",
"product": {
"name": "PowerShell 7.2 \u003c7.2.12",
"product_id": "24"
}
},
{
"category": "product_version",
"name": "7.2.12",
"product": {
"name": "PowerShell 7.2 7.2.12",
"product_id": "11970"
}
}
],
"category": "product_name",
"name": "PowerShell 7.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 \u003c4.8.4644.0",
"product_id": "42"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 4.8.4644.0",
"product_id": "11676-11923"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 4.8 \u003c4.8.4644.0",
"product_id": "56"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 4.8 4.8.4644.0",
"product_id": "11650-10049"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 4.8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 4.8 \u003c4.8.4644.0",
"product_id": "57"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 4.8 4.8.4644.0",
"product_id": "11650-10483"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 4.8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 \u003c4.8.4644.0",
"product_id": "43"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 4.8.4644.0",
"product_id": "11676-11924"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 \u003c4.8.4644.0",
"product_id": "44"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 4.8.4644.0",
"product_id": "11676-11568"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 4.8 \u003c4.8.4644.0",
"product_id": "58"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 4.8 4.8.4644.0",
"product_id": "11650-10051"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 4.8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 4.8 \u003c4.8.4644.0",
"product_id": "59"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 4.8 4.8.4644.0",
"product_id": "11650-10852"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 4.8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 4.8 \u003c4.8.4644.0",
"product_id": "60"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 4.8 4.8.4644.0",
"product_id": "11650-10378"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 4.8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 4.8 \u003c4.8.4644.0",
"product_id": "61"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 4.8 4.8.4644.0",
"product_id": "11650-10816"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 4.8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 \u003c4.8.4644.0",
"product_id": "45"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 4.8.4644.0",
"product_id": "11676-11572"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 \u003c4.8.4644.0",
"product_id": "46"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 4.8.4644.0",
"product_id": "11676-11926"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 \u003c4.8.4644.0",
"product_id": "47"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 4.8.4644.0",
"product_id": "11676-11929"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 \u003c4.8.4644.0",
"product_id": "48"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 4.8.4644.0",
"product_id": "11676-11927"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 \u003c4.8.4644.0",
"product_id": "49"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 4.8.4644.0",
"product_id": "11676-12097"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 \u003c4.8.4644.0",
"product_id": "50"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 4.8.4644.0",
"product_id": "11676-11930"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 \u003c4.8.4644.0",
"product_id": "51"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 4.8.4644.0",
"product_id": "11676-12099"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 \u003c4.8.4644.0",
"product_id": "52"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 4.8.4644.0",
"product_id": "11676-11931"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.7.2 \u003c4.8.4644.0",
"product_id": "37"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.7.2 4.8.4644.0",
"product_id": "11677-11568"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.7.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 \u003c4.8.4644.0",
"product_id": "53"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 4.8.4644.0",
"product_id": "11676-12098"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.7.2 \u003c4.8.4644.0",
"product_id": "38"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.7.2 4.8.4644.0",
"product_id": "11677-11569"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.7.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.7.2 \u003c4.8.4644.0",
"product_id": "39"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.7.2 4.8.4644.0",
"product_id": "11677-11570"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.7.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.7.2 \u003c4.8.4644.0",
"product_id": "40"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.7.2 4.8.4644.0",
"product_id": "11677-11571"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.7.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.7.2 \u003c4.8.4644.0",
"product_id": "41"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.7.2 4.8.4644.0",
"product_id": "11677-11572"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.7.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 \u003c4.8.4644.0",
"product_id": "54"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 4.8.4644.0",
"product_id": "11676-11571"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.14393.5989",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 \u003c10.0.14393.5989",
"product_id": "33"
}
},
{
"category": "product_version",
"name": "10.0.14393.5989",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 10.0.14393.5989",
"product_id": "11723-10816"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.14393.5989",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 \u003c10.0.14393.5989",
"product_id": "34"
}
},
{
"category": "product_version",
"name": "10.0.14393.5989",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 10.0.14393.5989",
"product_id": "11723-10853"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.14393.5989",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 \u003c10.0.14393.5989",
"product_id": "35"
}
},
{
"category": "product_version",
"name": "10.0.14393.5989",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 10.0.14393.5989",
"product_id": "11723-10855"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.14393.5989",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 \u003c10.0.14393.5989",
"product_id": "36"
}
},
{
"category": "product_version",
"name": "10.0.14393.5989",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 10.0.14393.5989",
"product_id": "11723-10852"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 4.8 \u003c4.8.4644.0",
"product_id": "62"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 4.8 4.8.4644.0",
"product_id": "11650-10855"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 4.8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 4.8 \u003c4.8.4644.0",
"product_id": "63"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 4.8 4.8.4644.0",
"product_id": "11650-10853"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 4.8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.7.4050.0",
"product": {
"name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 \u003c4.7.4050.0",
"product_id": "27"
}
},
{
"category": "product_version",
"name": "4.7.4050.0",
"product": {
"name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 4.7.4050.0",
"product_id": "11863-10051"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.7.4050.0",
"product": {
"name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 \u003c4.7.4050.0",
"product_id": "28"
}
},
{
"category": "product_version",
"name": "4.7.4050.0",
"product": {
"name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 4.7.4050.0",
"product_id": "11863-10049"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.7.4050.0",
"product": {
"name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 \u003c4.7.4050.0",
"product_id": "29"
}
},
{
"category": "product_version",
"name": "4.7.4050.0",
"product": {
"name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 4.7.4050.0",
"product_id": "11863-10378"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.7.4050.0",
"product": {
"name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 \u003c4.7.4050.0",
"product_id": "30"
}
},
{
"category": "product_version",
"name": "4.7.4050.0",
"product": {
"name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 4.7.4050.0",
"product_id": "11863-10379"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.7.4050.0",
"product": {
"name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 \u003c4.7.4050.0",
"product_id": "31"
}
},
{
"category": "product_version",
"name": "4.7.4050.0",
"product": {
"name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 4.7.4050.0",
"product_id": "11863-10483"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.7.4050.0",
"product": {
"name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 \u003c4.7.4050.0",
"product_id": "32"
}
},
{
"category": "product_version",
"name": "4.7.4050.0",
"product": {
"name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 4.7.4050.0",
"product_id": "11863-10543"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 \u003c4.8.9166.0",
"product_id": "10"
}
},
{
"category": "product_version",
"name": "4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 4.8.9166.0",
"product_id": "12079-11923"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8.1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 \u003c4.8.9166.0",
"product_id": "11"
}
},
{
"category": "product_version",
"name": "4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 4.8.9166.0",
"product_id": "12079-11924"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8.1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 \u003c4.8.9166.0",
"product_id": "12"
}
},
{
"category": "product_version",
"name": "4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 4.8.9166.0",
"product_id": "12079-11926"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8.1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 \u003c4.8.9166.0",
"product_id": "13"
}
},
{
"category": "product_version",
"name": "4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 4.8.9166.0",
"product_id": "12079-11929"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8.1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 \u003c4.8.9166.0",
"product_id": "14"
}
},
{
"category": "product_version",
"name": "4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 4.8.9166.0",
"product_id": "12079-11930"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8.1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 \u003c4.8.9166.0",
"product_id": "15"
}
},
{
"category": "product_version",
"name": "4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 4.8.9166.0",
"product_id": "12079-11927"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8.1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 \u003c4.8.9166.0",
"product_id": "16"
}
},
{
"category": "product_version",
"name": "4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 4.8.9166.0",
"product_id": "12079-11931"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8.1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 \u003c4.8.9166.0",
"product_id": "17"
}
},
{
"category": "product_version",
"name": "4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 4.8.9166.0",
"product_id": "12079-12086"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8.1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 \u003c4.8.9166.0",
"product_id": "18"
}
},
{
"category": "product_version",
"name": "4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 4.8.9166.0",
"product_id": "12079-12097"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8.1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 \u003c4.8.9166.0",
"product_id": "19"
}
},
{
"category": "product_version",
"name": "4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 4.8.9166.0",
"product_id": "12079-12099"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8.1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 \u003c4.8.9166.0",
"product_id": "20"
}
},
{
"category": "product_version",
"name": "4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 4.8.9166.0",
"product_id": "12079-12085"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8.1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 \u003c4.8.9166.0",
"product_id": "21"
}
},
{
"category": "product_version",
"name": "4.8.9166.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8.1 4.8.9166.0",
"product_id": "12079-12098"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8.1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 4.8 \u003c4.8.4644.0",
"product_id": "64"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 4.8 4.8.4644.0",
"product_id": "11650-10543"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 4.8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.7.4050.0",
"product": {
"name": "Microsoft .NET Framework 4.6.2 \u003c4.7.4050.0",
"product_id": "6"
}
},
{
"category": "product_version",
"name": "4.7.4050.0",
"product": {
"name": "Microsoft .NET Framework 4.6.2 4.7.4050.0",
"product_id": "12115-10287"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 4.6.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.7.4050.0",
"product": {
"name": "Microsoft .NET Framework 4.6.2 \u003c4.7.4050.0",
"product_id": "7"
}
},
{
"category": "product_version",
"name": "4.7.4050.0",
"product": {
"name": "Microsoft .NET Framework 4.6.2 4.7.4050.0",
"product_id": "12115-9312"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 4.6.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.7.4050.0",
"product": {
"name": "Microsoft .NET Framework 4.6.2 \u003c4.7.4050.0",
"product_id": "8"
}
},
{
"category": "product_version",
"name": "4.7.4050.0",
"product": {
"name": "Microsoft .NET Framework 4.6.2 4.7.4050.0",
"product_id": "12115-9318"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 4.6.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.7.4050.0",
"product": {
"name": "Microsoft .NET Framework 4.6.2 \u003c4.7.4050.0",
"product_id": "9"
}
},
{
"category": "product_version",
"name": "4.7.4050.0",
"product": {
"name": "Microsoft .NET Framework 4.6.2 4.7.4050.0",
"product_id": "12115-9344"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 4.6.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.10240.19983",
"product": {
"name": "Microsoft .NET Framework 3.5 and 4.6.2 \u003c10.0.10240.19983",
"product_id": "4"
}
},
{
"category": "product_version",
"name": "10.0.10240.19983",
"product": {
"name": "Microsoft .NET Framework 3.5 and 4.6.2 10.0.10240.19983",
"product_id": "12128-10729"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 and 4.6.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.10240.19983",
"product": {
"name": "Microsoft .NET Framework 3.5 and 4.6.2 \u003c10.0.10240.19983",
"product_id": "5"
}
},
{
"category": "product_version",
"name": "10.0.10240.19983",
"product": {
"name": "Microsoft .NET Framework 3.5 and 4.6.2 10.0.10240.19983",
"product_id": "12128-10735"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 and 4.6.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 4.8 \u003c4.8.4644.0",
"product_id": "65"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 4.8 4.8.4644.0",
"product_id": "11650-10379"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 4.8"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 \u003c4.8.4644.0",
"product_id": "55"
}
},
{
"category": "product_version",
"name": "4.8.4644.0",
"product": {
"name": "Microsoft .NET Framework 3.5 AND 4.8 4.8.4644.0",
"product_id": "11676-11569"
}
}
],
"category": "product_name",
"name": "Microsoft .NET Framework 3.5 AND 4.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-24897",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "general",
"text": "Microsoft",
"title": "Assigning CNA"
},
{
"category": "faq",
"text": "The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.\nFor example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.",
"title": "According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?"
}
],
"product_status": {
"fixed": [
"10566",
"10577",
"11600",
"11650-10049",
"11650-10051",
"11650-10378",
"11650-10379",
"11650-10483",
"11650-10543",
"11650-10816",
"11650-10852",
"11650-10853",
"11650-10855",
"11676-11568",
"11676-11569",
"11676-11571",
"11676-11572",
"11676-11923",
"11676-11924",
"11676-11926",
"11676-11927",
"11676-11929",
"11676-11930",
"11676-11931",
"11676-12097",
"11676-12098",
"11676-12099",
"11677-11568",
"11677-11569",
"11677-11570",
"11677-11571",
"11677-11572",
"11723-10816",
"11723-10852",
"11723-10853",
"11723-10855",
"11863-10049",
"11863-10051",
"11863-10378",
"11863-10379",
"11863-10483",
"11863-10543",
"11935",
"11969",
"11970",
"12009",
"12051",
"12079-11923",
"12079-11924",
"12079-11926",
"12079-11927",
"12079-11929",
"12079-11930",
"12079-11931",
"12079-12085",
"12079-12086",
"12079-12097",
"12079-12098",
"12079-12099",
"12115-10287",
"12115-9312",
"12115-9318",
"12115-9344",
"12128-10729",
"12128-10735",
"12129",
"12130",
"12187"
],
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"62",
"63",
"64",
"65",
"66",
"67",
"68"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-24897 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability - HTML",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24897"
},
{
"category": "self",
"summary": "CVE-2023-24897 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability - CSAF",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24897"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "15.9.55:Security Update:https://docs.microsoft.com/en-us/visualstudio/releasenotes/vs2017-relnotes",
"product_ids": [
"66"
],
"url": "https://docs.microsoft.com/en-us/visualstudio/releasenotes/vs2017-relnotes"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "17.2.16:Security Update:https://docs.microsoft.com/en-us/visualstudio/releases/2022/release-notes",
"product_ids": [
"22"
],
"url": "https://docs.microsoft.com/en-us/visualstudio/releases/2022/release-notes"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "16.11.27:Security Update:https://docs.microsoft.com/en-us/visualstudio/releases/2019/release-notes-v16.11",
"product_ids": [
"26"
],
"url": "https://docs.microsoft.com/en-us/visualstudio/releases/2019/release-notes-v16.11"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "17.0.22:Security Update:https://docs.microsoft.com/en-us/visualstudio/releases/2022/release-notes-v17.0",
"product_ids": [
"25"
],
"url": "https://docs.microsoft.com/en-us/visualstudio/releases/2022/release-notes-v17.0"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "17.4.8:Security Update:https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes",
"product_ids": [
"3"
],
"url": "https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "12.0.40700.0:Security Update:https://support.microsoft.com/help/5026610",
"product_ids": [
"68"
],
"url": "https://support.microsoft.com/help/5026610"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "14.0.27555.0:Security Update:https://support.microsoft.com/help/5025792",
"product_ids": [
"67"
],
"url": "https://support.microsoft.com/help/5025792"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "7.0.7:Security Update:https://support.microsoft.com/help/5027798",
"product_ids": [
"2"
],
"url": "https://support.microsoft.com/help/5027798"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "6.0.18:Security Update:https://support.microsoft.com/help/5027797",
"product_ids": [
"23"
],
"url": "https://support.microsoft.com/help/5027797"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "17.6.3:Security Update:https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes",
"product_ids": [
"1"
],
"url": "https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "7.2.12:Security Update:https://github.com/PowerShell/Announcements/issues/40",
"product_ids": [
"24"
],
"url": "https://github.com/PowerShell/Announcements/issues/40"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.8.4644.0:Security Update:https://support.microsoft.com/help/5027544",
"product_ids": [
"42",
"43"
],
"url": "https://support.microsoft.com/help/5027544"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.8.4644.0:Monthly Rollup:https://support.microsoft.com/help/5027540",
"product_ids": [
"56",
"58"
],
"url": "https://support.microsoft.com/help/5027540"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.8.4644.0:Security Only:https://support.microsoft.com/help/5027531",
"product_ids": [
"56",
"58"
],
"url": "https://support.microsoft.com/help/5027531"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.8.4644.0:Monthly Rollup:https://support.microsoft.com/help/5027542",
"product_ids": [
"57",
"64"
],
"url": "https://support.microsoft.com/help/5027542"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.8.4644.0:Security Only:https://support.microsoft.com/help/5027533",
"product_ids": [
"57",
"64"
],
"url": "https://support.microsoft.com/help/5027533"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.8.4644.0:Security Update:https://support.microsoft.com/help/5027536",
"product_ids": [
"44",
"45",
"38",
"54",
"55"
],
"url": "https://support.microsoft.com/help/5027536"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.8.4644.0:Security Update:https://support.microsoft.com/help/5027123",
"product_ids": [
"59",
"61",
"62",
"63"
],
"url": "https://support.microsoft.com/help/5027123"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.8.4644.0:Monthly Rollup:https://support.microsoft.com/help/5027541",
"product_ids": [
"60",
"65"
],
"url": "https://support.microsoft.com/help/5027541"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.8.4644.0:Security Only:https://support.microsoft.com/help/5027532",
"product_ids": [
"60",
"65"
],
"url": "https://support.microsoft.com/help/5027532"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.8.4644.0:Security Update:https://support.microsoft.com/help/5027539",
"product_ids": [
"46",
"48"
],
"url": "https://support.microsoft.com/help/5027539"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.8.4644.0:Security Update:https://support.microsoft.com/help/5027537",
"product_ids": [
"47",
"50",
"52"
],
"url": "https://support.microsoft.com/help/5027537"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.8.4644.0:Security Update:https://support.microsoft.com/help/5027538",
"product_ids": [
"49",
"51",
"53"
],
"url": "https://support.microsoft.com/help/5027538"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.7.4050.0:Security Update:https://support.microsoft.com/help/5027536",
"product_ids": [
"37",
"39",
"40",
"41"
],
"url": "https://support.microsoft.com/help/5027536"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "10.0.14393.5989:Security Update:https://support.microsoft.com/help/5027219",
"product_ids": [
"33",
"34",
"35",
"36"
],
"url": "https://support.microsoft.com/help/5027219"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.7.04043.0:Monthly Rollup:https://support.microsoft.com/help/5027540",
"product_ids": [
"27",
"28"
],
"url": "https://support.microsoft.com/help/5027540"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.7.4050.0:Security Only:https://support.microsoft.com/help/5027531",
"product_ids": [
"27",
"28"
],
"url": "https://support.microsoft.com/help/5027531"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.7.04043.0:Monthly Rollup:https://support.microsoft.com/help/5027541",
"product_ids": [
"29",
"30"
],
"url": "https://support.microsoft.com/help/5027541"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.7.4050.0:Security Only:https://support.microsoft.com/help/5027532",
"product_ids": [
"29",
"30"
],
"url": "https://support.microsoft.com/help/5027532"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.7.04043.0:Monthly Rollup:https://support.microsoft.com/help/5027542",
"product_ids": [
"31",
"32"
],
"url": "https://support.microsoft.com/help/5027542"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.7.4050.0:Security Only:https://support.microsoft.com/help/5027533",
"product_ids": [
"31",
"32"
],
"url": "https://support.microsoft.com/help/5027533"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.8.9166.0:Security Update:https://support.microsoft.com/help/5027544",
"product_ids": [
"10",
"11"
],
"url": "https://support.microsoft.com/help/5027544"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.8.9166.0:Security Update:https://support.microsoft.com/help/5027539",
"product_ids": [
"12",
"15"
],
"url": "https://support.microsoft.com/help/5027539"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.8.9166.0:Security Update:https://support.microsoft.com/help/5027537",
"product_ids": [
"13",
"14",
"16"
],
"url": "https://support.microsoft.com/help/5027537"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.8.9166.0:Security Update:https://support.microsoft.com/help/5027119",
"product_ids": [
"17",
"20"
],
"url": "https://support.microsoft.com/help/5027119"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.8.9166.0:Security Update:https://support.microsoft.com/help/5027538",
"product_ids": [
"18",
"19",
"21"
],
"url": "https://support.microsoft.com/help/5027538"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.7.04043.0:Monthly Rollup:https://support.microsoft.com/help/5027543",
"product_ids": [
"6",
"7",
"8",
"9"
],
"url": "https://support.microsoft.com/help/5027543"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "4.7.4050.0:Security Only:https://support.microsoft.com/help/5027534",
"product_ids": [
"6",
"7",
"8",
"9"
],
"url": "https://support.microsoft.com/help/5027534"
},
{
"category": "vendor_fix",
"date": "2023-06-13T07:00:00.000Z",
"details": "10.0.10240.19983:Security Update:https://support.microsoft.com/help/5027230",
"product_ids": [
"4",
"5"
],
"url": "https://support.microsoft.com/help/5027230"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 6.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"62",
"63",
"64",
"65",
"66",
"67",
"68"
]
}
],
"threats": [
{
"category": "impact",
"details": "Remote Code Execution"
},
{
"category": "exploit_status",
"details": "Exploited:No;Latest Software Release:Exploitation Less Likely"
}
],
"title": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…