CVE-2025-32703
published 2025-05-13CVE-2025-32703: Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally.
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | microsoft_visual_studio_2017_version_15.9 | >= 15.9.0 < 15.9.73 | 15.9.73 |
| microsoft | microsoft_visual_studio_2019_version_16.11 | >= 16.11.0 < 16.11.47 | 16.11.47 |
| microsoft | microsoft_visual_studio_2022_version_17.10 | >= 17.10.0 < 17.10.14 | 17.10.14 |
| microsoft | microsoft_visual_studio_2022_version_17.12 | >= 17.12.0 < 17.12.8 | 17.12.8 |
| microsoft | microsoft_visual_studio_2022_version_17.13 | >= 17.13.0 < 17.13.7 | 17.13.7 |
| microsoft | microsoft_visual_studio_2022_version_17.8 | >= 17.8.0 < 17.8.21 | 17.8.21 |
| microsoft | visual_studio_2017 | >= 15.0 < 15.9.73 | 15.9.73 |
| microsoft | visual_studio_2019 | >= 16.0 < 16.11.47 | 16.11.47 |
| microsoft | visual_studio_2022 | >= 17.10.0 < 17.10.14 | 17.10.14 |
| microsoft | visual_studio_2022 | >= 17.12.0 < 17.12.8 | 17.12.8 |
| microsoft | visual_studio_2022 | >= 17.13.0 < 17.13.7 | 17.13.7 |
| microsoft | visual_studio_2022 | >= 17.8.0 < 17.8.21 | 17.8.21 |
| msrc | microsoft_visual_studio_2017_version_15.9 | — | — |
| msrc | microsoft_visual_studio_2019_version_16.11 | — | — |
| msrc | microsoft_visual_studio_2022_version_17.10 | — | — |
| msrc | microsoft_visual_studio_2022_version_17.12 | — | — |
| msrc | microsoft_visual_studio_2022_version_17.13 | — | — |
| msrc | microsoft_visual_studio_2022_version_17.8 | — | — |