- Description
- Visual Studio Installer Elevation of Privilege Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 7.3
- Impact score
- 5.9
- Exploitability score
- 1.3
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- secure@microsoft.com
- CWE-427
- nvd@nist.gov
- NVD-CWE-noinfo
- Hype score
- Not currently trending
More updates today: Visual Studio v17.12.5 fixes (among other things) π "Visual Studio Installer Elevation of Privilege - Uncontrolled Search Path Element allows an unauthorized attacker to elevate privileges locally." CVE-2025-21206 https://t.co/nPDvJ83wAh
@gojimmypi
27 Feb 2025
134 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
π΄ [MSRC Security Update] π CVE-2025-21206 Visual Studio Installer Elevation of Privilege Vulnerability π Tue, 11 Feb 2025 08:00:00 Z π https://t.co/NtTbDe1HdO #Microsoft #CyberSecurity
@SLouffidi
13 Feb 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-21206 Visual Studio Installer Elevation of Privilege Vulnerability https://t.co/v58WSfYd6p
@CVEnew
11 Feb 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7148C3A7-9A70-4560-9A0C-94951B2C9B49",
"versionEndExcluding": "15.9.70",
"versionStartIncluding": "15.0"
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E672587A-4C0E-40F9-9417-0E9F91BC0361",
"versionEndExcluding": "16.11.44",
"versionStartIncluding": "16.0"
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6AD60982-A18A-446A-970E-212B3F351925",
"versionEndExcluding": "17.8.18",
"versionStartIncluding": "17.8"
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "950538A7-8681-497B-BB96-A040B9989362",
"versionEndExcluding": "17.10.11",
"versionStartIncluding": "17.10"
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B7F01478-80E9-4E46-AD9B-CC6D095347D3",
"versionEndExcluding": "17.12.5",
"versionStartIncluding": "17.12"
}
],
"operator": "OR"
}
]
}
]