CVE-2025-24043

Name of the Vulnerable Software and Affected Versions WinDbg versions prior to 9.0.607501 dotnet-sos versions prior to 9.0.607501 dotnet-dump versions prior to 9.0.607501 dotnet-debugger-extensions versions prior to 9.0.607601

Description A severe vulnerability in Microsoft's WinDbg allows attackers to execute arbitrary code remotely through improper cryptographic signature validation. This flaw arises from the extension's inability to properly validate cryptographic signatures during debugging sessions. Authenticated attackers with network access could exploit this vulnerability to execute arbitrary code on affected systems, leading to significant security breaches. The primary attack vector leverages the integration of the .NET CLI and Visual Studio's Package Manager NuGet, allowing attackers to either compromise NuGet package repositories or intercept network traffic to replace safe debugging components with malicious tampered versions. Successful exploitation provides attackers SYSTEM-level privileges on vulnerable systems.

Recommendations To fix the issue, please install the latest version of WinDbg. If your application references the vulnerable package, update the package reference to the patched version. For dotnet-sos, update to version 9.0.607501 or later. For dotnet-dump, update to version 9.0.607501 or later. For dotnet-debugger-extensions, update to version 9.0.607601 or later.