CVE-2022-35827: Visual Studio Remote Code Execution Vulnerability
First published: Tue Aug 09 2022(Updated: )
Visual Studio Remote Code Execution Vulnerability
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Visual Studio 2012 | =5 | |
| Microsoft Visual Studio 2015 | =3 | |
| Microsoft Visual Studio 2017 (includes 15.0 - 15.8) | =15.9 | |
| Microsoft Visual Studio 2019 (includes 16.0 - 16.10) | =16.11 | |
| Microsoft Visual Studio 2019 (includes 16.0 - 16.8) | =16.9 | |
| Microsoft Visual Studio 2013 | =5 | |
| Microsoft Visual Studio 2022 | =17.2 | |
| Microsoft Visual Studio 2022 | =17.0 | |
| Microsoft Visual Studio | =2012-update_5 | |
| Microsoft Visual Studio | =2013-update_5 | |
| Microsoft Visual Studio | =2015-update3 | |
| Microsoft Visual Studio 2017 | =15.9 | |
| Microsoft Visual Studio 2019 | =16.9 | |
| Microsoft Visual Studio 2019 | =16.11 | |
| Microsoft Visual Studio 2022 | =17.0 | |
| Microsoft Visual Studio 2022 | =17.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-35827?
CVE-2022-35827 is a remote code execution vulnerability in Visual Studio.
How severe is CVE-2022-35827?
CVE-2022-35827 has a severity rating of 8.8 (high).
Which versions of Visual Studio are affected by CVE-2022-35827?
CVE-2022-35827 affects Visual Studio 2012 (update 5), Visual Studio 2013 (update 5), Visual Studio 2015 (update 3), Visual Studio 2017 (version 15.9), Visual Studio 2019 (versions 16.9 and 16.11), and Visual Studio 2022 (versions 17.0 and 17.2).
How can I fix CVE-2022-35827?
To fix CVE-2022-35827, you should apply the corresponding patches or updates provided by Microsoft for your specific version of Visual Studio. Links to the patches and updates can be found in the Microsoft Security Response Center (MSRC) update guide for CVE-2022-35827.
Where can I find more information about CVE-2022-35827?
More information about CVE-2022-35827 can be found in the Microsoft Security Response Center (MSRC) update guide for CVE-2022-35827.
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/description
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/references
- agent/severity
- agent/author
- agent/title
- agent/tags
- collector/mitre-cve
- source/MITRE
- collector/msrc-cve
- source/Microsoft
- agent/software-canonical-lookup
- vendor/microsoft
- canonical/microsoft visual studio
- version/microsoft visual studio/2012-update_5
- version/microsoft visual studio/2013-update_5
- version/microsoft visual studio/2015-update3
- canonical/microsoft visual studio 2017
- version/microsoft visual studio 2017/15.9
- canonical/microsoft visual studio 2019
- version/microsoft visual studio 2019/16.9
- version/microsoft visual studio 2019/16.11
- canonical/microsoft visual studio 2022
- version/microsoft visual studio 2022/17.0
- version/microsoft visual studio 2022/17.2
- canonical/microsoft visual studio 2019 (includes 16.0 - 16.10)
- version/microsoft visual studio 2019 (includes 16.0 - 16.10)/16.11
- canonical/microsoft visual studio 2015
- version/microsoft visual studio 2015/3
- canonical/microsoft visual studio 2012
- version/microsoft visual studio 2012/5
- canonical/microsoft visual studio 2013
- version/microsoft visual studio 2013/5
- canonical/microsoft visual studio 2017 (includes 15.0 - 15.8)
- version/microsoft visual studio 2017 (includes 15.0 - 15.8)/15.9
- canonical/microsoft visual studio 2019 (includes 16.0 - 16.8)
- version/microsoft visual studio 2019 (includes 16.0 - 16.8)/16.9