Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2023-24936
PUBLISHED
More InfoOfficial Page
Assigner-microsoft
Assigner Org ID-f38d906d-7342-40ea-92c1-6c4a2c6478c8
View Known Exploited Vulnerability (KEV) details
Published At-14 Jun, 2023 | 14:52
Updated At-01 Jan, 2025 | 01:43
Rejected At-
▼CVE Numbering Authority (CNA)
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

Affected Products
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft Visual Studio 2022 version 17.2
Platforms
  • Unknown
Versions
Affected
  • From 17.2.0 before 17.2.16 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft Visual Studio 2022 version 17.0
Platforms
  • Unknown
Versions
Affected
  • From 17.0.0 before 17.0.22 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft Visual Studio 2022 version 17.4
Platforms
  • Unknown
Versions
Affected
  • From 17.4.0 before 17.4.8 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
.NET 6.0
Platforms
  • Unknown
Versions
Affected
  • From 6.0.0 before 6.0.18 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
.NET 7.0
Platforms
  • Unknown
Versions
Affected
  • From 7.0.0 before 7.0.7 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft Visual Studio 2022 version 17.6
Platforms
  • Unknown
Versions
Affected
  • From 17.6.0 before 17.6.3 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
PowerShell 7.2
Platforms
  • Unknown
Versions
Affected
  • From 7.2.0 before 7.2.12 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
PowerShell 7.3
Platforms
  • Unknown
Versions
Affected
  • From 7.3.0 before 7.3.5 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft .NET Framework 4.8
Platforms
  • Windows Server 2016 (Server Core installation)
  • Windows Server 2012 R2 (Server Core installation)
  • Windows 10 Version 1607 for 32-bit Systems
  • Windows 10 Version 1607 for x64-based Systems
  • Windows Server 2012 (Server Core installation)
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  • Windows Server 2012
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1
  • Windows Server 2012 R2
  • Windows Server 2016
Versions
Affected
  • From 4.8.0 before 4.8.4644.0 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft .NET Framework 3.5 AND 4.8
Platforms
  • Windows 10 Version 1809 for 32-bit Systems
  • Windows 10 Version 1809 for x64-based Systems
  • Windows Server 2022 (Server Core installation)
  • Windows Server 2022
  • Windows Server 2019
  • Windows 10 Version 1809 for ARM64-based Systems
  • Windows Server 2019 (Server Core installation)
  • Windows 11 version 21H2 for x64-based Systems
  • Windows 10 Version 22H2 for 32-bit Systems
  • Windows 10 Version 21H2 for 32-bit Systems
  • Windows 10 Version 22H2 for x64-based Systems
  • Windows 10 Version 21H2 for ARM64-based Systems
  • Windows 10 Version 21H2 for x64-based Systems
  • Windows 10 Version 22H2 for ARM64-based Systems
  • Windows 11 version 21H2 for ARM64-based Systems
Versions
Affected
  • From 4.8.0 before 4.8.4644.0 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft .NET Framework 3.5 AND 4.7.2
Platforms
  • Windows 10 Version 1809 for 32-bit Systems
  • Windows Server 2019
  • Windows 10 Version 1809 for ARM64-based Systems
  • Windows 10 Version 1809 for x64-based Systems
  • Windows Server 2019 (Server Core installation)
Versions
Affected
  • From 4.7.0 before 4.7.4050.0 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2
Platforms
  • Windows Server 2016
  • Windows Server 2016 (Server Core installation)
  • Windows 10 Version 1607 for 32-bit Systems
  • Windows 10 Version 1607 for x64-based Systems
Versions
Affected
  • From 3.0.0.0 before 10.0.14393.5989 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2
Platforms
  • Windows Server 2012 R2
  • Windows Server 2012
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  • Windows Server 2012 (Server Core installation)
  • Windows Server 2012 R2 (Server Core installation)
Versions
Affected
  • From 4.7.0 before 4.7.04043.0 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft .NET Framework 3.5 AND 4.8.1
Platforms
  • Windows Server 2022 (Server Core installation)
  • Windows Server 2022
  • Windows 10 Version 21H2 for 32-bit Systems
  • Windows 11 version 21H2 for ARM64-based Systems
  • Windows 11 version 21H2 for x64-based Systems
  • Windows 10 Version 22H2 for 32-bit Systems
  • Windows 11 Version 22H2 for ARM64-based Systems
  • Windows 10 Version 21H2 for ARM64-based Systems
  • Windows 10 Version 21H2 for x64-based Systems
  • Windows 10 Version 22H2 for x64-based Systems
  • Windows 11 Version 22H2 for x64-based Systems
  • Windows 10 Version 22H2 for ARM64-based Systems
Versions
Affected
  • From 4.8.1 before 4.8.9166.0 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft .NET Framework 4.6.2
Platforms
  • Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  • Windows Server 2008 for x64-based Systems Service Pack 2
  • Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  • Windows Server 2008 for 32-bit Systems Service Pack 2
Versions
Affected
  • From 4.7.0 before 4.7.04043.0 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft .NET Framework 3.5 and 4.6.2
Platforms
  • Windows 10 for 32-bit Systems
  • Windows 10 for x64-based Systems
Versions
Affected
  • From 4.7.0 before 10.0.10240.19983 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft .NET Framework 2.0 Service Pack 2
Platforms
  • Windows Server 2008 for 32-bit Systems Service Pack 2
  • Windows Server 2008 for x64-based Systems Service Pack 2
Versions
Affected
  • From 2.0.0 before 3.0.6920.8954; 2.0.50727.8970 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft .NET Framework 3.0 Service Pack 2
Platforms
  • Windows Server 2008 for x64-based Systems Service Pack 2
  • Windows Server 2008 for 32-bit Systems Service Pack 2
Versions
Affected
  • From 3.0.0 before 3.0.6920.8954; 2.0.50727.8970 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft .NET Framework 3.5.1
Platforms
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Versions
Affected
  • From 3.5.0 before 3.0.6920.8954; 2.0.50727.8970 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft .NET Framework 3.5
Platforms
  • Windows Server 2012 (Server Core installation)
  • Windows Server 2012
  • Windows Server 2012 R2 (Server Core installation)
  • Windows Server 2012 R2
Versions
Affected
  • From 3.5.0 before 3.0.6920.8954; 2.0.50727.8970 (custom)
Problem Types
TypeCWE IDDescription
ImpactN/AElevation of Privilege
Type: Impact
CWE ID: N/A
Description: Elevation of Privilege
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24936
vendor-advisory
Hyperlink: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24936
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24936
vendor-advisory
x_transferred
Hyperlink: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24936
Resource:
vendor-advisory
x_transferred
Details not found