PT-2023-3299 · Microsoft+7 · Net+9

H01

Published

2023-06-13

Updated

2024-12-13

CVE-2023-24936

CVSS v2.0

7.6

High

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions .NET, .NET Framework, and Visual Studio (affected versions not specified)

Description The issue is related to insufficient access control in Microsoft's .NET Framework, .NET, and Visual Studio, allowing an attacker to elevate their privileges. This can potentially impact the system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

ALSA-2023:3581

ALSA-2023:3582

ALSA-2023:3592

ALSA-2023:3593

ALT-PU-2023-4590

ALT-PU-2023-4591

ALT-PU-2023-4592

ALT-PU-2023-4593

ALT-PU-2023-4594

ALT-PU-2023-4595

ALT-PU-2023-4610

ALT-PU-2023-4611

ALT-PU-2024-16792

ALT-PU-2024-16794

ALT-PU-2024-16796

ALT-PU-2024-16939

BDU:2023-03440

BIT-DOTNET-2023-24936

BIT-DOTNET-SDK-2023-24936

CESA-2023_3582

CESA-2023_3593

CVE-2023-24936

GHSA-JX7Q-XXMW-44VF

RHSA-2023:3580

RHSA-2023:3581

RHSA-2023:3582

RHSA-2023:3592

RHSA-2023:3593

RHSA-2023_3581

RHSA-2023_3582

RHSA-2023_3592

RHSA-2023_3593

RLSA-2023:3582

RLSA-2023:3593

USN-6161-1

USN-6161-2

Affected Products

.Net Framework

Alt Linux

Almalinux

Centos

Linuxmint

Net

Red Hat

Rocky Linux

Ubuntu

Visual Studio

PT-2023-3299 · Microsoft+7 · Net+9

CVE-2023-24936

Weakness Enumeration

Related Identifiers

Affected Products

References · 71