PT-2025-24906 · Microsoft+8 · Net+9

Jony_Juice · Published 2025-06-10 · Updated 2025-12-16 · CVE-2025-30399

CVSS v2.0: 7.6 (High)
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

.NET versions prior to 8.0.17
.NET versions prior to 9.0.6

Description

A remote code execution vulnerability exists in .NET 8.0 and 9.0 due to improper validation of search paths in Microsoft.NETCore.App.Runtime. An attacker could exploit this vulnerability by placing malicious files in specific locations, leading to unintended code execution.

Recommendations

To fix the vulnerability, update your system to the following package versions:
  • .NET SDK 8.0 to version 8.0.117 or later
  • .NET Runtime 8.0 to version 8.0.17 or later
  • .NET SDK 9.0 to version 9.0.107 or later
  • .NET Runtime 9.0 to version 9.0.6 or later

Additionally, if you have deployed self-contained applications targeting any of the impacted versions, these applications are also vulnerable and must be recompiled and redeployed.
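
An added example, not part of the original advisory: a Python check that parses `dotnet --list-runtimes` output and flags every installed Microsoft.NETCore.App copy below the fixed runtime versions listed above. The sample listing, its paths, and the function names `classify` and `audit` are constructed for illustration.

```python
import re
import sys

# Fixed runtime patch level per release line, from the Recommendations above.
FIXED_RUNTIME = {(8, 0): 17, (9, 0): 6}

# `dotnet --list-runtimes` prints one "<name> <version> [<path>]" line per copy.
LINE_RE = re.compile(
    r"^(?P<name>\S+)\s+(?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)"
    r"(?P<pre>-\S+)?\s+\[(?P<path>.*)\]\s*$"
)

# Constructed sample listing (versions and paths are illustrative).
SAMPLE_LISTING = """\
Microsoft.AspNetCore.App 8.0.16 [/usr/share/dotnet/shared/Microsoft.AspNetCore.App]
Microsoft.NETCore.App 6.0.36 [/usr/share/dotnet/shared/Microsoft.NETCore.App]
Microsoft.NETCore.App 8.0.16 [/usr/share/dotnet/shared/Microsoft.NETCore.App]
Microsoft.NETCore.App 8.0.17 [/usr/share/dotnet/shared/Microsoft.NETCore.App]
Microsoft.NETCore.App 9.0.0-rc.2.24473.5 [/usr/share/dotnet/shared/Microsoft.NETCore.App]
Microsoft.NETCore.App 9.0.6 [/usr/share/dotnet/shared/Microsoft.NETCore.App]
"""

def classify(line):
    """Return (version, path, status) for a Microsoft.NETCore.App line, else None."""
    m = LINE_RE.match(line.strip())
    if not m or m["name"] != "Microsoft.NETCore.App":
        return None
    branch = (int(m["major"]), int(m["minor"]))
    patch, pre = int(m["patch"]), m["pre"] or ""
    version = f"{branch[0]}.{branch[1]}.{patch}{pre}"
    if branch not in FIXED_RUNTIME:
        status = "not-covered"  # the advisory lists only the 8.0 and 9.0 lines
    elif patch < FIXED_RUNTIME[branch] or (patch == FIXED_RUNTIME[branch] and pre):
        status = "vulnerable"   # a prerelease of the fixed patch counts as older
    else:
        status = "fixed"
    return version, m["path"], status

def audit(listing):
    """Classify every Microsoft.NETCore.App entry in a runtime listing."""
    return [row for row in map(classify, listing.splitlines()) if row]

if __name__ == "__main__":
    # Pipe real output in (dotnet --list-runtimes | python check.py), or run
    # without a pipe to see the constructed sample.
    text = SAMPLE_LISTING if sys.stdin.isatty() else sys.stdin.read()
    rows = audit(text)
    for version, path, status in rows:
        print(f"{status:12} {version:22} {path}")
    sys.exit(1 if any(s == "vulnerable" for _, _, s in rows) else 0)
```

Self-contained applications bundle their own runtime and do not appear in this listing, so they need the rebuild described above regardless of the result.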

Fix

RCE

Untrusted Search Path

Weakness Enumeration

Related Identifiers

ALSA-2025:8812
ALSA-2025:8813
ALSA-2025:8814
ALSA-2025:8815
ALSA-2025:8816
ALSA-2025:8817
ALT-PU-2025-13074
ALT-PU-2025-13076
ALT-PU-2025-13672
ALT-PU-2025-15794
BDU:2025-07085
BIT-DOTNET-2025-30399
BIT-DOTNET-SDK-2025-30399
BIT-POWERSHELL-2025-30399
CESA-2025_8812
CESA-2025_8815
CVE-2025-30399
GHSA-266M-WP2V-X7MQ
INFSA-2025_8812
INFSA-2025_8813
INFSA-2025_8815
INFSA-2025_8817
RHSA-2025:8812
RHSA-2025:8813
RHSA-2025:8814
RHSA-2025:8815
RHSA-2025:8816
RHSA-2025:8817
RHSA-2025:9066
RHSA-2025_8812
RHSA-2025_8813
RHSA-2025_8815
RHSA-2025_8817
USN-7563-1

Affected Products

Alt Linux
Almalinux
Centos
Linuxmint
Net
Red Hat
Red Os
Rocky Linux
Ubuntu
Visual Studio