Is CVE-2020-1416 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Azure Storage Explorer

CVE-2020-1416

An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies, aka 'Visual Studio and Visual Studio Code Elevation of Privilege Vulnerability'.

EPSS: 0.099 (93.1th percentile) — read the EPSS interpretation.

Affected products

Microsoft Azure Storage Explorer — versions unspecified
Microsoft Visual Studio 2017 Version 15.9 (Includes 15.0 - 15.8) — versions unspecified
Microsoft Visual Studio 2019 — versions 16.0
Microsoft Visual Studio 2019 Version 16.4 (Includes 16.0 - 16.3) — versions unspecified
Microsoft Visual Studio 2019 Version 16.6 (Includes 16.0 - 16.5) — versions unspecified
Microsoft Typescript — versions unspecified
Microsoft Visual Studio Code — versions unspecified

Public proof-of-concept exploits

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1416 (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-1416?: CVE-2020-1416 is a vulnerability in Microsoft Azure Storage Explorer. Published 2020-07-14.
Is CVE-2020-1416 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.