What is CVE-2019-1211?

CVE-2019-1211 is a vulnerability in Microsoft Visual Studio 2017. Published 2019-08-14.

Is CVE-2019-1211 known to be exploited?

7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Visual Studio 2017

CVE-2019-1211

An elevation of privilege vulnerability exists in Git for Visual Studio when it improperly parses configuration files. An attacker who successfully exploited the vulnerability could execute code in the context of another local user. To exp…

EPSS: 0.004 (62.6th percentile) — read the EPSS interpretation.

Affected products

Microsoft Visual Studio 2017 — versions 15.0
Microsoft Visual Studio 2017 Version 15.9 (Includes 15.0 - 15.8) — versions 15.9.0
Microsoft Visual Studio 2019 Version 16.0 — versions 16.0
Microsoft Visual Studio 2019 Version 16.2 — versions 16.0

Public proof-of-concept exploits

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1211 (x_refsource_MISC)

Frequently asked questions

What is CVE-2019-1211?: CVE-2019-1211 is a vulnerability in Microsoft Visual Studio 2017. Published 2019-08-14.
Is CVE-2019-1211 known to be exploited?: 7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.