CVE-2024-38081

HIGH

Microsoft .NET and .NET Framework - Elevation of Privilege

Title source: llm

.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

Core 1

Core References

Patch, Vendor Advisory vendor-advisory

CVSS v3 7.3

EPSS 0.0080

EPSS Percentile 74.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

CWE

CWE-59

Status published

Products (13)

microsoft/.net 6.0.0 - 6.0.32

microsoft/.net_framework 4.6.2

microsoft/.net_framework 4.7

microsoft/.net_framework 4.7.1

microsoft/.net_framework 4.7.2

microsoft/.net_framework 3.5

microsoft/.net_framework 4.8

microsoft/.net_framework 3.5.1

microsoft/.net_framework 3.0 sp2

microsoft/.net_framework 2.0 sp2

... and 3 more

Published Jul 09, 2024

Tracked Since Feb 18, 2026