CVE-2020-0900

Summary

An elevation of privilege vulnerability exists when the Visual Studio Extension Installer Service improperly handles file operations, aka 'Visual Studio Extension Installer Service Elevation of Privilege Vulnerability'.

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft Visual Studio 2019 version 16.5unspecifiedaffected
MicrosoftMicrosoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8)unspecifiedaffected
MicrosoftMicrosoft Visual Studio 201916.0affected
MicrosoftMicrosoft Visual Studio2015 Update 3affected
MicrosoftMicrosoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)unspecifiedaffected

Weaknesses

  • Elevation of Privilege

ADP Enrichment

CVE Program Container

Additional References

References