CVE-2025-21173

HIGH

.NET - Privilege Escalation

Title source: llm
STIX 2.1

Description

.NET Elevation of Privilege Vulnerability

References (2)

Core 2

Scores

CVSS v3 7.3
EPSS 0.0122
EPSS Percentile 65.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-379
Status published
Products (9)
microsoft/.net 8.0.0
microsoft/.net 9.0.0
Microsoft/.NET 8.0 8.0.0 - 8.0.12
Microsoft/.NET 9.0 9.0.0 - 9.0.1
Microsoft/Microsoft Visual Studio 2022 version 17.10 17.10.0 - 17.10.10
Microsoft/Microsoft Visual Studio 2022 version 17.12 17.12.0 - 17.12.4
Microsoft/Microsoft Visual Studio 2022 version 17.6 17.6.0 - 17.6.22
Microsoft/Microsoft Visual Studio 2022 version 17.8 17.8.0 - 17.8.17
microsoft/visual_studio_2022 17.6.0 - 17.6.22
Published Jan 14, 2025
Tracked Since Feb 18, 2026