Home

CVE-2023-33126

Description

.NET and Visual Studio Remote Code Execution Vulnerability

Risk Information

Base Score
7.3
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.927

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities fixed in Update for AspNet Core (x64) (6.0.18)Windows
Multiple vulnerabilities fixed in Update for AspNet Core (x86) (6.0.18)Windows
Multiple vulnerabilities fixed in Update for AspNet Core (x64) (7.0.7)Windows
Multiple vulnerabilities fixed in Update for AspNet Core (x86) (7.0.7)Windows
Multiple Vulnerabilities are affected in Microsoft Visual Studio Community 2022 17.0.21Windows
Multiple Vulnerabilities are affected in Microsoft Visual Studio Enterprise 2022 17.0.21Windows
Multiple Vulnerabilities are affected in Microsoft Visual Studio Professional 2022 17.0.21Windows
Multiple vulnerabilities are fixed in Microsoft Visual Studio Community 2022 17.6.3Windows
Multiple vulnerabilities are fixed in Microsoft Visual Studio Community 2022 17.4.8Windows
Multiple vulnerabilities are fixed in Microsoft Visual Studio Community 2022 17.2.16Windows
Multiple vulnerabilities are fixed in Microsoft Visual Studio Community 2022 17.0.22Windows
Multiple vulnerabilities are fixed in Microsoft Visual Studio Enterprise 2022 17.6.3Windows
Multiple vulnerabilities are fixed in Microsoft Visual Studio Enterprise 2022 17.4.8Windows
Multiple vulnerabilities are fixed in Microsoft Visual Studio Enterprise 2022 17.2.16Windows
Multiple vulnerabilities are fixed in Microsoft Visual Studio Enterprise 2022 17.0.22Windows
Multiple vulnerabilities are fixed in Microsoft Visual Studio Professional 2022 17.6.3Windows
Multiple vulnerabilities are fixed in Microsoft Visual Studio Professional 2022 17.4.8Windows
Multiple vulnerabilities are fixed in Microsoft Visual Studio Professional 2022 17.2.16Windows
Multiple vulnerabilities are fixed in Microsoft Visual Studio Professional 2022 17.0.22Windows
Vulnerabilities CVE-2023-33126,CVE-2023-33128,CVE-2023-29331,CVE-2023-24936,CVE-2023-24897 are fixed in Nuget-Microsoft.NETCore.App.Runtime.win-arm 7.0.7Windows
Vulnerabilities CVE-2023-33126,CVE-2023-29331,CVE-2023-24936,CVE-2023-24897 are fixed in Nuget-Microsoft.NETCore.App.Runtime.win-arm 6.0.18Windows
Vulnerabilities CVE-2023-33126,CVE-2023-33128,CVE-2023-29331,CVE-2023-24936,CVE-2023-24897 are fixed in Nuget - Microsoft.NETCore.App.Runtime.win-arm64 7.0.7Windows
Vulnerabilities CVE-2023-33126,CVE-2023-29331,CVE-2023-24936,CVE-2023-24897 are fixed in Nuget - Microsoft.NETCore.App.Runtime.win-arm64 6.0.18Windows
Vulnerabilities CVE-2023-33126,CVE-2023-33128,CVE-2023-29331,CVE-2023-24936,CVE-2023-24897 are fixed in Nuget - Microsoft.NETCore.App.Runtime.win-x64 7.0.7Windows
Vulnerabilities CVE-2023-33126,CVE-2023-29331,CVE-2023-24936,CVE-2023-24897 are fixed in Nuget - Microsoft.NETCore.App.Runtime.win-x64 6.0.18Windows
Vulnerabilities CVE-2023-33126,CVE-2023-29331,CVE-2023-24936,CVE-2023-24897 are fixed in Nuget - Microsoft.NETCore.App.Runtime.win-x86 6.0.18Windows
Vulnerabilities CVE-2023-33126,CVE-2023-33128,CVE-2023-29331,CVE-2023-24936,CVE-2023-24897 are fixed in Nuget - Microsoft.NETCore.App.Runtime.win-x86 7.0.7Windows
Vulnerabilities CVE-2023-33126,CVE-2023-33128,CVE-2023-29331,CVE-2023-24936,CVE-2023-24897 are fixed in Nuget-Microsoft.NETCore.App.Runtime.win-arm for Linux 7.0.7Linux
Vulnerabilities CVE-2023-33126,CVE-2023-29331,CVE-2023-24936,CVE-2023-24897 are fixed in Nuget-Microsoft.NETCore.App.Runtime.win-arm for Linux 6.0.18Linux
Vulnerabilities CVE-2023-33126,CVE-2023-33128,CVE-2023-29331,CVE-2023-24936,CVE-2023-24897 are fixed in Nuget - Microsoft.NETCore.App.Runtime.win-arm64 for Linux 7.0.7Linux
Vulnerabilities CVE-2023-33126,CVE-2023-29331,CVE-2023-24936,CVE-2023-24897 are fixed in Nuget - Microsoft.NETCore.App.Runtime.win-arm64 for Linux 6.0.18Linux
Vulnerabilities CVE-2023-33126,CVE-2023-33128,CVE-2023-29331,CVE-2023-24936,CVE-2023-24897 are fixed in Nuget - Microsoft.NETCore.App.Runtime.win-x64 for Linux 7.0.7Linux
Vulnerabilities CVE-2023-33126,CVE-2023-29331,CVE-2023-24936,CVE-2023-24897 are fixed in Nuget - Microsoft.NETCore.App.Runtime.win-x64 for Linux 6.0.18Linux
Vulnerabilities CVE-2023-33126,CVE-2023-29331,CVE-2023-24936,CVE-2023-24897 are fixed in Nuget - Microsoft.NETCore.App.Runtime.win-x86 for Linux 6.0.18Linux
Vulnerabilities CVE-2023-33126,CVE-2023-33128,CVE-2023-29331,CVE-2023-24936,CVE-2023-24897 are fixed in Nuget - Microsoft.NETCore.App.Runtime.win-x86 for Linux 7.0.7Linux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-109505Update for AspNet Core (x64) (6.0.18)
PATCH-109506Update for AspNet Core (x86) (6.0.18)
PATCH-109511Update for AspNet Core (x64) (7.0.7)
PATCH-109512Update for AspNet Core (x86) (7.0.7)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234