CVE-2025-21173

HIGH

.NET - Privilege Escalation

Title source: llm

.NET Elevation of Privilege Vulnerability

Core 2

Core References

Various Sources

Vendor Advisory vendor-advisory patch

CVSS v3 7.3

EPSS 0.0200

EPSS Percentile 83.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

CWE

CWE-379

Status published

Products (3)

microsoft/.net 8.0.0

microsoft/.net 9.0.0

microsoft/visual_studio_2022 17.6.0 - 17.6.22

Published Jan 14, 2025

Tracked Since Feb 18, 2026