CVE-2022-35777

CWE-94 — Code Injection3 documents3 sources

Severity

8.8HIGH

No vector

EPSS

0.7%

top 28.40%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

8

Microsoft Microsoft Visual Studio 2012 Update 5 Microsoft Microsoft Visual Studio 2013 Update 5 Microsoft Microsoft Visual Studio 2015 Update 3 +5 more

Timeline

PublishedAug 9

Latest updateAug 10

Description

Visual Studio Remote Code Execution Vulnerability Visual Studio Remote Code Execution Vulnerability

Affected Packages8 packages

▶CVEListV5microsoft/microsoft_visual_studio_2012_update_511.0.0 — 11.0.61252.0

▶CVEListV5microsoft/microsoft_visual_studio_2013_update_512.0.0 — 12.0.40699.0

▶CVEListV5microsoft/microsoft_visual_studio_2015_update_314.0.0 — 14.0.27552.0

▶CVEListV5microsoft/microsoft_visual_studio_2022_version_17.017.0.0 — 17.0.13

▶CVEListV5microsoft/microsoft_visual_studio_2022_version_17.217.2.0 — 17.2.7

🔴Vulnerability Details

2

GHSA

GHSA-6cvm-432m-8w2x: Visual Studio Remote Code Execution Vulnerability↗2022-08-10

▶

CVEList

Visual Studio Remote Code Execution Vulnerability↗2022-08-09

▶

📋Vendor Advisories

1

Microsoft

Visual Studio Remote Code Execution Vulnerability↗2022-08-09

▶