Microsoft Visual Studio 2017 Version 15.9 vulnerabilities

CVE-2025-55240 [HIGH] CWE-284 CVE-2025-55240: Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.

CVE-2025-49739 [HIGH] CWE-59 CVE-2025-49739: Improper link resolution before file access ('link following') in Visual Studio allows an unauthoriz Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a network.

CVE-2025-32703 [MEDIUM] CWE-200 CVE-2025-32703: Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclos Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally.

CVE-2025-24998 [HIGH] CWE-427 CVE-2025-24998: Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privilege Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.

CVE-2025-21206 [HIGH] CWE-427 CVE-2025-21206: Visual Studio Installer Elevation of Privilege Vulnerability Visual Studio Installer Elevation of Privilege Vulnerability

CVE-2025-21176 [HIGH] CWE-126 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

CVE-2025-21178 [HIGH] CWE-122 Visual Studio Remote Code Execution Vulnerability Visual Studio Remote Code Execution Vulnerability Visual Studio Remote Code Execution Vulnerability

CVE-2025-21172 [HIGH] CWE-190 .NET and Visual Studio Remote Code Execution Vulnerability .NET and Visual Studio Remote Code Execution Vulnerability .NET and Visual Studio Remote Code Execution Vulnerability

CVE-2024-43590 [HIGH] CWE-284 CVE-2024-43590: Visual C++ Redistributable Installer Elevation of Privilege Vulnerability Visual C++ Redistributable Installer Elevation of Privilege Vulnerability

CVE-2024-43603 [MEDIUM] CWE-59 CVE-2024-43603: Visual Studio Collector Service Denial of Service Vulnerability Visual Studio Collector Service Denial of Service Vulnerability

CVE-2024-35272 [HIGH] CWE-122 CVE-2024-35272: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVE-2024-30052 [MEDIUM] CWE-693 Visual Studio Remote Code Execution Vulnerability Visual Studio Remote Code Execution Vulnerability Visual Studio Remote Code Execution Vulnerability

CVE-2024-29060 [MEDIUM] CWE-284 CVE-2024-29060: Visual Studio Elevation of Privilege Vulnerability Visual Studio Elevation of Privilege Vulnerability

CVE-2024-20656 [HIGH] CWE-59 CVE-2024-20656: Visual Studio Elevation of Privilege Vulnerability Visual Studio Elevation of Privilege Vulnerability

CVE-2023-36796 [HIGH] CWE-191 Visual Studio Remote Code Execution Vulnerability Visual Studio Remote Code Execution Vulnerability Visual Studio Remote Code Execution Vulnerability

CVE-2023-36792 [HIGH] CWE-190 Visual Studio Remote Code Execution Vulnerability Visual Studio Remote Code Execution Vulnerability Visual Studio Remote Code Execution Vulnerability

CVE-2023-36793 [HIGH] CWE-122 Visual Studio Remote Code Execution Vulnerability Visual Studio Remote Code Execution Vulnerability Visual Studio Remote Code Execution Vulnerability

CVE-2023-36794 [HIGH] CWE-191 Visual Studio Remote Code Execution Vulnerability Visual Studio Remote Code Execution Vulnerability Visual Studio Remote Code Execution Vulnerability

CVE-2023-36897 [MEDIUM] CWE-20 CVE-2023-36897: Visual Studio Tools for Office Runtime Spoofing Vulnerability Visual Studio Tools for Office Runtime Spoofing Vulnerability

CVE-2023-24897 [HIGH] CWE-122 CVE-2023-24897: .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability