CVE-2021-27068
published 2021-05-11CVE-2021-27068: Visual Studio Remote Code Execution Vulnerability Visual Studio Remote Code Execution Vulnerability
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
53.58%
98.9th percentile
Visual Studio Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | microsoft_visual_studio_2019_version_16.4 | >= 16.0 < publication | publication |
| microsoft | microsoft_visual_studio_2019_version_16.7 | >= 16.0.0 < publication | publication |
| microsoft | microsoft_visual_studio_2019_version_16.9 | >= 15.0.0 < publication | publication |
| msrc | microsoft_visual_studio_2019_version_16.4 | — | — |
| msrc | microsoft_visual_studio_2019_version_16.7 | — | — |
| msrc | microsoft_visual_studio_2019_version_16.9 | — | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
cvelistv58.8HIGH
vendor_msrc8.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
Visual Studio Remote Code Execution Vulnerability
vendor_msrc·2021-05-11·CVSS 8.8
CVE-2021-27068 [HIGH] Visual Studio Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
Visual Studio: Visual Studio
Microsoft: Microsoft
Impact: Remote Code Execution
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A
Remediation: Release Notes
Reference: https://my.visualstudio.com/Downloads?q=Visual Studio 2019 version 16.4
Reference: https://my.visualstudio.com/Downloads?q=Visual Studio 2019 version 16.7
Reference: http://aka.ms/vs/16/release/latest
CVEList
Visual Studio Remote Code Execution Vulnerability
cvelistv5·2021-05-11·CVSS 8.8
CVE-2021-27068 [HIGH] Visual Studio Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
No detection rules found.
No public exploits indexed.
2021-05-11
Published