What is CVE-2022-24512?

CVE-2022-24512 is a .NET and Visual Studio remote code execution vulnerability.

How severe is CVE-2022-24512?

CVE-2022-24512 has a severity level of 6.3 (high).

Which software versions are affected by CVE-2022-24512?

CVE-2022-24512 affects Visual Studio 2019 versions 16.0 - 16.10, Visual Studio 2022 version 17.0, .NET 6.0, PowerShell 7.2, .NET 5.0, .NET Core 3.1, Visual Studio 2019 versions 16.0 - 16.6, PowerShell 7.1, and Visual Studio 2019 versions 16.0 - 16.8.

How can I fix CVE-2022-24512?

To fix CVE-2022-24512, update to Visual Studio 2019 version 16.11, Visual Studio 2022 version 17.0, .NET 6.0, PowerShell 7.2, .NET 5.0, .NET Core 3.1, Visual Studio 2019 version 16.7, PowerShell 7.1, or Visual Studio 2019 version 16.9.

Where can I find more information about CVE-2022-24512?

You can find more information about CVE-2022-24512 at the following reference link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24512

Vulnerability/
CVE-2022-24512

medium

6.8

CWE

119

8/3/2022

18/10/2022

22/4/2024

CVE-2022-24512: .NET and Visual Studio Remote Code Execution Vulnerability

First published: Tue Mar 08 2022(Updated: )

.NET and Visual Studio Remote Code Execution Vulnerability

Credit: secure@microsoft.com secure@microsoft.com secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Visual Studio 2019 (includes 16.0 - 16.8)	=16.9	fix available externally
Microsoft Visual Studio 2019 (includes 16.0 – 16.6)	=16.7	fix available externally
Microsoft PowerShell 7.0		fix available externally
Microsoft .NET Core	=3.1	fix available externally
Microsoft Visual Studio 2019 (includes 16.0 - 16.10)	=16.11	fix available externally
Microsoft .NET 6.0		fix available externally
Microsoft PowerShell 7.1		fix available externally
Microsoft .NET 5.0		fix available externally
Microsoft Visual Studio 2022	=17.0	fix available externally
Microsoft .NET	=5.0
Microsoft .NET	=6.0.0
Microsoft .NET Core	=3.1
Microsoft PowerShell	>=7.0<7.0.9
Microsoft PowerShell	>=7.1<7.1.6
Microsoft PowerShell	>=7.2<7.2.2
Microsoft Visual Studio 2019	>=16.0<=16.6.4
Microsoft Visual Studio 2019	>=16.7.0<16.7.26
Microsoft Visual Studio 2019	>=16.8.0<=16.8.7
Microsoft Visual Studio 2019	>=16.9.0<16.9.18
Microsoft Visual Studio 2019	>=16.10.0<=16.10.4
Microsoft Visual Studio 2019	>=16.11.0<16.11.11
Microsoft Visual Studio 2022	>=17.0<17.0.7
Fedoraproject Fedora	=34
Fedoraproject Fedora	=35
Fedoraproject Fedora	=36
Microsoft Visual Studio 2022	>=17.0.0<17.0.7
nuget/Microsoft.NETCore.App.Runtime.win-x86	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.win-x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.win-arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.win-arm	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.osx-x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.osx-arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.win-x86	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.win-x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64.Msi.x86	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64.Msi.x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64.Msi.arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.x86	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.x86	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.tvos-arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.osx-x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.osx-arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.x86	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.x86	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.linux-x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.linux-arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.linux-arm	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x86	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.x86	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.x86	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.ios-arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.x86	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.ios-arm	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.x86	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.browser-wasm	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.x86	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.android-x86	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x86	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x86	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.android-arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x86	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.Mono.android-arm	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.linux-x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.linux-musl-x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.linux-arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.linux-arm	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm.Msi.x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86.Msi.x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64.Msi.x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm64.Msi.x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm.Msi.x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvossimulator-x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvossimulator-arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvos-arm64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.maccatalyst-x64	>=6.0.0<6.0.3	6.0.3
nuget/Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.maccatalyst-arm64	>=6.0.0<6.0.3	6.0.3
	=5.0
	=6.0.0
	=3.1
	>=7.0<7.0.9
	>=7.1<7.1.6
	>=7.2<7.2.2
	>=16.0<=16.6.4
	>=16.7.0<16.7.26
	>=16.8.0<=16.8.7
	>=16.9.0<16.9.18
	>=16.10.0<=16.10.4
	>=16.11.0<16.11.11
	>=17.0<17.0.7
	=34
	=35
	=36

Remedy

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24512

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2022-24512?
CVE-2022-24512 is a .NET and Visual Studio remote code execution vulnerability.
How severe is CVE-2022-24512?
CVE-2022-24512 has a severity level of 6.3 (high).
Which software versions are affected by CVE-2022-24512?
CVE-2022-24512 affects Visual Studio 2019 versions 16.0 - 16.10, Visual Studio 2022 version 17.0, .NET 6.0, PowerShell 7.2, .NET 5.0, .NET Core 3.1, Visual Studio 2019 versions 16.0 - 16.6, PowerShell 7.1, and Visual Studio 2019 versions 16.0 - 16.8.
How can I fix CVE-2022-24512?
To fix CVE-2022-24512, update to Visual Studio 2019 version 16.11, Visual Studio 2022 version 17.0, .NET 6.0, PowerShell 7.2, .NET 5.0, .NET Core 3.1, Visual Studio 2019 version 16.7, PowerShell 7.1, or Visual Studio 2019 version 16.9.
Where can I find more information about CVE-2022-24512?
You can find more information about CVE-2022-24512 at the following reference link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24512

collector/msrc
collector/mitre-cve
agent/type
agent/first-publish-date
collector/msrc-cve
source/Microsoft
agent/title
agent/remedy
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-api
collector/nvd-index
collector/github-advisory-latest
source/GitHub
alias/GHSA-c6w8-7mp3-34j9
alias/CVE-2022-24512
agent/severity
agent/last-modified-date
agent/weakness
agent/references
agent/description
agent/author
agent/softwarecombine
agent/tags
agent/event
collector/nvd-cve
source/NVD
collector/github-advisory
vendor/microsoft
canonical/microsoft visual studio 2019 (includes 16.0 - 16.8)
version/microsoft visual studio 2019 (includes 16.0 - 16.8)/16.9
canonical/microsoft visual studio 2019 (includes 16.0 – 16.6)
version/microsoft visual studio 2019 (includes 16.0 – 16.6)/16.7
canonical/microsoft powershell 7.0
canonical/microsoft .net core
version/microsoft .net core/3.1
canonical/microsoft visual studio 2019 (includes 16.0 - 16.10)
version/microsoft visual studio 2019 (includes 16.0 - 16.10)/16.11
canonical/microsoft .net 6.0
canonical/microsoft powershell 7.1
canonical/microsoft .net 5.0
canonical/microsoft powershell 7.2
canonical/microsoft visual studio 2022
version/microsoft visual studio 2022/17.0
canonical/microsoft .net
version/microsoft .net/5.0
version/microsoft .net/6.0.0
canonical/microsoft powershell
version/microsoft powershell/7.0
version/microsoft powershell/7.1
version/microsoft powershell/7.2
canonical/microsoft visual studio 2019
version/microsoft visual studio 2019/16.0
version/microsoft visual studio 2019/16.6.4
version/microsoft visual studio 2019/16.7.0
version/microsoft visual studio 2019/16.8.0
version/microsoft visual studio 2019/16.8.7
version/microsoft visual studio 2019/16.9.0
version/microsoft visual studio 2019/16.10.0
version/microsoft visual studio 2019/16.10.4
version/microsoft visual studio 2019/16.11.0
vendor/fedoraproject
canonical/fedoraproject fedora
version/fedoraproject fedora/34
version/fedoraproject fedora/35
version/fedoraproject fedora/36
version/microsoft visual studio 2022/17.0.0
package-manager/nuget