CVE-2022-24767

HIGH

Git for Windows Uninstaller < - DLL Hijacking

Title source: llm

Description

GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account.

References (1)

Scores

CVSS v3 7.8
EPSS 0.0120
EPSS Percentile 78.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE
CWE-427
Status published

Affected Products (4)

microsoft/visual_studio_2017 < 15.9.46
microsoft/visual_studio_2019 < 16.7.27
microsoft/visual_studio_2022 < 17.0.8
git_for_windows_project/git_for_windows < 2.35.2

Timeline

Published Apr 12, 2022
Tracked Since Feb 18, 2026