CVE-2023-21815: Visual Studio Remote Code Execution Vulnerability
First published: Tue Feb 14 2023(Updated: )
Visual Studio Remote Code Execution Vulnerability
Credit: secure@microsoft.com secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Visual Studio 2017 | >=15.0<15.9.52 | |
| Microsoft Visual Studio 2019 | >=16.0<16.11.24 | |
| Microsoft Visual Studio 2022 | >=17.0<17.0.19 | |
| Microsoft Visual Studio 2022 | >=17.2<17.2.13 | |
| Microsoft Visual Studio 2022 | >=17.4<17.4.5 | |
| =5 | ||
| =17.4 | ||
| =3 | ||
| =17.2 | ||
| =16.11 | ||
| =17.0 | ||
| =15.9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-21815?
CVE-2023-21815 is a Visual Studio Remote Code Execution Vulnerability.
What is the severity of CVE-2023-21815?
CVE-2023-21815 has a severity value of 7.8 (Critical).
Which versions of Visual Studio are affected by CVE-2023-21815?
CVE-2023-21815 affects Microsoft Visual Studio 2022 (versions 17.2, 17.4, and 17.0), Microsoft Visual Studio 2017 (version 15.9), Microsoft Visual Studio 2019 (version 16.11), and Microsoft Visual Studio 2015 (version 3).
How can I fix CVE-2023-21815 in Visual Studio 2022 version 17.2?
To fix CVE-2023-21815 in Visual Studio 2022 version 17.2, you can download the patch from the following URL: [https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.2](https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.2).
Where can I find more information about CVE-2023-21815?
You can find more information about CVE-2023-21815 on the Microsoft Security Response Center website: [https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21815](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21815).
- collector/msrc
- agent/type
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/references
- agent/severity
- agent/remedy
- agent/title
- agent/description
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- collector/msrc-cve
- source/Microsoft
- agent/softwarecombine
- agent/software-canonical-lookup
- agent/event
- collector/nvd-api
- source/NVD
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/tags
- vendor/microsoft
- canonical/microsoft visual studio 2017
- version/microsoft visual studio 2017/15.0
- canonical/microsoft visual studio 2019
- version/microsoft visual studio 2019/16.0
- canonical/microsoft visual studio 2022
- version/microsoft visual studio 2022/17.0
- version/microsoft visual studio 2022/17.2
- version/microsoft visual studio 2022/17.4
- canonical/microsoft visual studio 2013
- version/microsoft visual studio 2013/5
- canonical/microsoft visual studio 2019 (includes 16.0 - 16.10)
- version/microsoft visual studio 2019 (includes 16.0 - 16.10)/16.11
- canonical/microsoft visual studio 2015
- version/microsoft visual studio 2015/3
- canonical/microsoft visual studio 2017 (includes 15.0 - 15.8)
- version/microsoft visual studio 2017 (includes 15.0 - 15.8)/15.9