Multiple vulnerabilities in Microsoft Visual Studio



Published: 2023-04-11 | Updated: 2023-06-08
Risk High
Patch available YES
Number of vulnerabilities 4
CVE-ID CVE-2023-28299
CVE-2023-28262
CVE-2023-28263
CVE-2023-28296
CWE-ID CWE-451
CWE-264
CWE-125
CWE-20
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Vulnerable software
Subscribe 		Visual Studio
Universal components / Libraries / Software for developers

Vendor Microsoft

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Spoofing attack

EUVDB-ID: #VU74867

Risk: Medium

CVSSv3.1: 6.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2023-28299

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of newline characters in extension's name. A remote attacker can manually add newline characters to the tag <DisplayName> under the "extension.vsixmanifest" file, which will hide information about digital signature of an unsigned extension leading to a spoofing attack.

Successful exploitation of the vulnerability will require a victim to install a malicious extension.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Visual Studio: 16.0 - 2017 version 15.9

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-28299
http://www.varonis.com/blog/visual-studio-bug


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

2) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU74871

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-28262

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to application does not properly impose security restrictions in Visual Studio, which leads to security restrictions bypass and privilege escalation.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Visual Studio: 16.0 - 17.5.0 17.5.33414.496

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-28262


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds read

EUVDB-ID: #VU74870

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-28263

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in Visual Studio. A local user can trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Visual Studio: 16.0 - 17.5.0 17.5.33414.496

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-28263


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Input validation error

EUVDB-ID: #VU74868

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-28296

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the system.

The vulnerability exists due to insufficient validation of user-supplied input in Visual Studio. A remote attacker can pass specially crafted input to the application and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Visual Studio: 16.0 - 2017 version 15.9

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-28296


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###