CVE-2022-26929Microsoft NET Framework 3.5 AND 4.6 4.6.2 vulnerability

5 documents5 sources
Severity
7.8HIGHNVD
EPSS
4.9%
top 10.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Microsoft NET Framework 3.5 AND 4.6 4.6.2Microsoft NET Framework 3.5 AND 4.8.1Microsoft NET Framework 4.8.1+1 more
Timeline
PublishedSep 13
Latest updateSep 14

Description

.NET Framework Remote Code Execution Vulnerability

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

CVEListV5microsoft/microsoft_net_framework_4.8.14.8.0.04.8.04556.03
CVEListV5microsoft/microsoft_net_framework_3.5_and_4.8.14.8.13.5.09082.05
CVEListV5microsoft/microsoft_net_framework_3.5_and_4.6_4.6.210.0.010.0.10240.19444
NVDmicrosoft/net_framework12 versions+11

Patches

Patch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-9g82-g79v-qfx92022-09-14
CVEList
.NET Framework Remote Code Execution Vulnerability2022-09-13

📋Vendor Advisories

2
Microsoft
.NET Framework Remote Code Execution Vulnerability2022-09-13
Red Hat
dotnet: .NET Framework Remote Code Execution Vulnerability.2022-09-13
CVE-2022-26929 — Microsoft vulnerability | cvebase