Vulnerability in Microsoft Visual Studio
CVE-2019-1232
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly impersonates certain file operations, aka 'Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability'.
EPSS: 0.003 (51.5th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Visual Studio — versions 2015 Update 3
- Microsoft Visual Studio 2017 — versions version 15.9, 15.0
- Microsoft Visual Studio 2019 — versions 16.0, 16.2
- Microsoft Windows — versions 10 for 32-bit Systems, 10 for x64-based Systems, 10 Version 1607 for 32-bit Systems
- Microsoft Windows 10 Version 1903 For 32-bit Systems — versions unspecified
- Microsoft Windows 10 Version 1903 For Arm64-based Systems — versions unspecified
- Microsoft Windows 10 Version 1903 For X64-based Systems — versions unspecified
- Microsoft Windows Server — versions 2016, 2016 (Core installation), version 1803 (Core Installation)
- Microsoft Windows Server, Version 1903 (Server Core Installation) — versions unspecified
References
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1232 (x_refsource_MISC)