CVE-2025-21206

CVSS v3.1

7.3

High

Vector

AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Visual Studio (affected versions not specified)

Description: The issue is related to an elevation of privilege vulnerability in the Visual Studio installer, which is associated with an uncontrolled search path element. Exploitation of this issue may allow an attacker to elevate their privileges.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

LPE

Uncontrolled Search Path Element

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-427

Related Identifiers

BDU:2025-01539

CVE-2025-21206

Affected Products

Visual Studio

CVE-2025-21206

Weakness Enumeration

Related Identifiers

Affected Products

References · 6