CVE-2020-17156

CWE-94 — Code Injection3 documents3 sources

Severity

7.8HIGH

No vector

EPSS

14.5%

top 5.55%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

5

Microsoft Microsoft Visual Studio 2017 Version 15.9 (includes 15.0 - 15.8)Microsoft Microsoft Visual Studio 2019 Version 16.0 Microsoft Microsoft Visual Studio 2019 Version 16.4 (includes 16.0 - 16.3)+2 more

Timeline

PublishedDec 9

Latest updateMay 24

Description

Visual Studio Remote Code Execution Vulnerability Visual Studio Remote Code Execution Vulnerability

Affected Packages5 packages

▶CVEListV5microsoft/microsoft_visual_studio_2019_version_16.016.0 — publication

▶CVEListV5microsoft/microsoft_visual_studio_2019_version_16.816.0 — publication

▶CVEListV5microsoft/microsoft_visual_studio_2017_version_15.9_(includes_15.0_-_15.8)15.9.0 — publication

▶CVEListV5microsoft/microsoft_visual_studio_2019_version_16.4_(includes_16.0_-_16.3)16.0 — publication

▶CVEListV5microsoft/microsoft_visual_studio_2019_version_16.7_(includes_16.0_–_16.6)16.0.0 — publication

🔴Vulnerability Details

2

GHSA

GHSA-wmhc-c6v3-r3vr: , aka 'Visual Studio Remote Code Execution Vulnerability'↗2022-05-24

▶

CVEList

Visual Studio Remote Code Execution Vulnerability↗2020-12-09

▶

📋Vendor Advisories

1

Microsoft

Visual Studio Remote Code Execution Vulnerability↗2020-12-08

▶