Vulnerability CVE-2023-24897: Information

Description

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Fixed packages

References to Advisories, Solutions, and Tools

1. Affected configurations:

   1. Configuration 1

      cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*

      ---

      Configuration 2

      cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

      ---

      Configuration 3

      cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

      ---

      Configuration 4

      cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*

      ---

      Configuration 5

      cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:arm64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x86:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:arm64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x86:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:arm64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:x64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:arm64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:x64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*

      ---

      Configuration 6

      cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:arm64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x86:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:arm64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x86:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:arm64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:x64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:x64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:arm64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*

      ---

      Configuration 7

      cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*

      ---

      Configuration 8

      cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*

      ---

      Running on/with:

      cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*

      ---

      Configuration 9

      cpe:2.3:a:microsoft:.net:6.0.0:-:*:*:*:*:*:*

      ---

      cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*

      ---

      Configuration 10

      cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*

      ---

      cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*

      Start including

      15.0

      End including

      15.8

      ---

      cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*

      Start including

      16.0

      End including

      16.10

      ---

      cpe:2.3:a:microsoft:visual_studio:2015:update5:*:*:*:*:*:*

      ---

      cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*

      Start including

      16.11

      End excliding

      16.11.27

      ---

      cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*

      Start including

      17.0

      End excliding

      17.0.22

      ---

      cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*

      Start including

      17.2

      End excliding

      17.2.16

      ---

      cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*

      Start including

      17.4

      End excliding

      17.4.8

      ---

      cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*

      Start including

      17.6

      End excliding

      17.6.3

      ---

      cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*

      Start including

      15.9

      End excliding

      15.9.55

      ---