CVE-2022-24512

Summary

.NET and Visual Studio Remote Code Execution Vulnerability

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)16.0.0 < 16.7.26affected
MicrosoftMicrosoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)15.0.0 < 16.9.18affected
MicrosoftMicrosoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)16.11.0 < 16.11.11affected
MicrosoftMicrosoft Visual Studio 2022 version 17.017.0.0 < 17.0.7affected
Microsoft.NET 5.05.0.0 < 5.0.15affected
Microsoft.NET 6.06.0.0 < 6.0.3affected
Microsoft.NET Core 3.13.1 < 3.1.23affected
MicrosoftPowerShell 7.27.2.0 < 7.2.2affected
MicrosoftPowerShell 7.07.0.0 < 7.0.9affected
MicrosoftPowerShell 7.17.1.0 < 7.1.6affected

Weaknesses

  • Remote Code Execution

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References