Vulnerability in Microsoft Visual Studio 2017 Version 15.9 (Includes 15.1 - 15.8)
CVE-2020-0899
An elevation of privilege vulnerability exists when Microsoft Visual Studio updater service improperly handles file permissions, aka 'Microsoft Visual Studio Elevation of Privilege Vulnerability'.
EPSS: 0.002 (48.3th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Visual Studio 2017 Version 15.9 (Includes 15.1 - 15.8) — versions unspecified
- Microsoft Visual Studio 2019 — versions 16.0
- Microsoft Visual Studio 2019 Version 16.4 (Includes 16.0 - 16.3) — versions unspecified
- Microsoft Visual Studio 2019 Version 16.5 — versions unspecified
References
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0899 (x_refsource_MISC)