~/products/msrc/powershell_7.4

pipeline liveDigest Docs

Msrc Powershell 7.4 vulnerabilities

13 known vulnerabilities affecting msrc/powershell_7.4.

Total CVEs

13

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH11MEDIUM2

Vulnerabilities

Page 1 of 1

CVE-2025-25004HIGHCVSS 7.32025-10-14

CVE-2025-25004 [HIGH] CWE-284 PowerShell Elevation of Privilege Vulnerability PowerShell Elevation of Privilege Vulnerability Description: Improper access control in Microsoft PowerShell allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could create, modify, or delete files in the security context of the "NT AUTHORITY\SYSTEM" acc

CVE-2025-49734HIGHCVSS 7.02025-09-09

CVE-2025-49734 [HIGH] CWE-923 PowerShell Direct Elevation of Privilege Vulnerability PowerShell Direct Elevation of Privilege Vulnerability Description: Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? The attacker, initially a non-admin user on the host, could hijack the PowerShell Direct session

CVE-2025-30399HIGHCVSS 7.52025-06-10

CVE-2025-30399 [HIGH] CWE-426 .NET and Visual Studio Remote Code Execution Vulnerability .NET and Visual Studio Remote Code Execution Vulnerability Description: Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? This attack requires a victim to perform a specific action, such as copying files or executing a command, an

CVE-2024-43484HIGHCVSS 7.52024-10-08

CVE-2024-43484 [HIGH] CWE-407 .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability .NET, .NET Framework, Visual Studio: .NET, .NET Framework, Visual Studio Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely Remediation: Release Notes Reference: https://github.com/PowerShell/A

CVE-2024-43483HIGHCVSS 7.52024-10-08

CVE-2024-43483 [HIGH] CWE-407 .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability .NET, .NET Framework, Visual Studio: .NET, .NET Framework, Visual Studio Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely Remediation: Release Notes Reference: https://github.com/PowerShell/A

CVE-2024-43485HIGHCVSS 7.52024-10-08

CVE-2024-43485 [HIGH] CWE-407 .NET and Visual Studio Denial of Service Vulnerability .NET and Visual Studio Denial of Service Vulnerability .NET and Visual Studio: .NET and Visual Studio Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely Remediation: Release Notes Reference: https://github.com/PowerShell/Announcements/issues/71 Reference: https://my.visualstudio.c

CVE-2024-38095HIGHCVSS 7.52024-07-09

CVE-2024-38095 [HIGH] CWE-20 .NET and Visual Studio Denial of Service Vulnerability .NET and Visual Studio Denial of Service Vulnerability .NET and Visual Studio: .NET and Visual Studio Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely Remediation: Release Notes Reference: https://github.com/PowerShell/Announcements/issues/64 Reference: https://dotnet.microsoft.c

CVE-2024-30105HIGHCVSS 7.52024-07-09

CVE-2024-30105 [HIGH] CWE-400 .NET and Visual Studio Denial of Service Vulnerability .NET and Visual Studio Denial of Service Vulnerability .NET and Visual Studio: .NET and Visual Studio Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely Reference: https://dotnet.microsoft.com/en-us/download/dotnet/8.0 Reference: https://support.microsoft.com/help/5041081 Remediat

CVE-2024-30045MEDIUMCVSS 6.32024-05-14

CVE-2024-30045 [MEDIUM] CWE-122 .NET and Visual Studio Remote Code Execution Vulnerability .NET and Visual Studio Remote Code Execution Vulnerability FAQ: According to the CVSS metrics, successful exploitation of this vulnerability could lead to minor loss of confidentiality (C:L), integrity (I:L) and availability (A:L). What does that mean for this vulnerability? While we cannot rule out the impact to Confidentiality, Integrity, and Availability, the ability to exploit this vulnerability by it

CVE-2024-21409HIGHCVSS 7.32024-04-09

CVE-2024-21409 [HIGH] CWE-416 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. Additionally, an attacker could convince

CVE-2024-21392HIGHCVSS 7.52024-03-12

CVE-2024-21392 [HIGH] CWE-400 .NET and Visual Studio Denial of Service Vulnerability .NET and Visual Studio Denial of Service Vulnerability .NET: .NET Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;DOS:N/A Remediation: Release Notes Reference: https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.9 Reference: https://learn.microsoft.com/en-us/v

CVE-2024-26190HIGHCVSS 7.52024-03-12

CVE-2024-26190 [HIGH] CWE-400 Microsoft QUIC Denial of Service Vulnerability Microsoft QUIC Denial of Service Vulnerability Microsoft QUIC: Microsoft QUIC Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;DOS:N/A Remediation: Release Notes Reference: https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.9 Reference: https://learn.microsoft.com/en-

CVE-2023-36013MEDIUMCVSS 6.52023-11-14

CVE-2023-36013 [MEDIUM] CWE-798 PowerShell Information Disclosure Vulnerability PowerShell Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is data inside the targeted website like IDs, tokens, cryptographic nonces, and other sensitive information. Microsoft PowerShell: Microsoft PowerShell Microsoft: Microsoft Customer Action Re