PT-2023-7216 · Microsoft+6 · Net+8

Chudypb

Published

2023-11-14

Updated

2024-12-13

CVE-2023-36049

CVSS v2.0

8.0

High

Vector

AV:N/AC:L/Au:S/C:P/I:C/A:P

Name of the Vulnerable Software and Affected Versions .NET, .NET Framework, and Visual Studio (affected versions not specified)

Description The issue is related to insufficient access restrictions in the Microsoft .NET Framework and Visual Studio, allowing a remote attacker to elevate their privileges. This can affect the system, potentially leading to unauthorized actions. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20CWE-264

Related Identifiers

ALSA-2023:7253

ALSA-2023:7254

ALSA-2023:7255

ALSA-2023:7256

ALSA-2023:7257

ALSA-2023:7258

ALT-PU-2024-1066

ALT-PU-2024-1067

ALT-PU-2024-1068

ALT-PU-2024-1069

ALT-PU-2024-16792

ALT-PU-2024-16794

ALT-PU-2024-16796

ALT-PU-2024-16939

ALT-PU-2024-2554

ALT-PU-2024-2556

ALT-PU-2024-2557

ALT-PU-2024-2761

ALT-PU-2024-2763

ALT-PU-2024-2765

ALT-PU-2024-2767

BDU:2023-08244

BIT-DOTNET-2023-36049

BIT-DOTNET-SDK-2023-36049

CESA-2023_7254

CESA-2023_7256

CESA-2023_7258

CVE-2023-36049

GHSA-C3HF-8VGX-72RH

RHSA-2023:7253

RHSA-2023:7254

RHSA-2023:7255

RHSA-2023:7256

RHSA-2023:7257

RHSA-2023:7258

RHSA-2023:7259

RHSA-2023_7253

RHSA-2023_7254

RHSA-2023_7255

RHSA-2023_7256

RHSA-2023_7257

RHSA-2023_7258

RLSA-2023:7256

RLSA-2023:7258

USN-6480-1

ZDI-23-1639

Affected Products

.Net Framework

Alt Linux

Almalinux

Centos

Linuxmint

Net

Red Hat

Ubuntu

Visual Studio

PT-2023-7216 · Microsoft+6 · Net+8

CVE-2023-36049

Weakness Enumeration

Related Identifiers

Affected Products

References · 58