First published: Tue Jul 09 2024(Updated: )
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
Credit: secure@microsoft.com secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft .NET 8.0 | ||
Microsoft .NET 6.0 | ||
nuget/Microsoft.IO.Redist | >=4.6.0-preview.18571.3<=6.0.0 | 6.0.1 |
Microsoft .NET Framework 4 | =3.0 | |
Microsoft .NET Framework 4 | =4.6.2 | |
Microsoft .NET Framework 4 | =3.5 | |
Microsoft .NET Framework 4 | =2.0 | |
Microsoft .NET Framework 4 | =4.8 | |
Microsoft .NET Framework 4 | =3.5 | |
Microsoft .NET Framework 4 | =4.6.2=4.7=4.7.1=4.7.2 | |
Microsoft .NET Framework 4 | =3.5.1 | |
Microsoft .NET Framework 4 | =4.6.2=4.7=4.7.1=4.7.2 | |
Microsoft .NET Framework 4 | =4.8 | |
Microsoft .NET Framework 4 | =3.5 | |
Microsoft .NET Framework 4 | =4.6.2=4.7=4.7.1=4.7.2 | |
Microsoft .NET Framework 4 | =4.6=4.6.2 | |
Microsoft .NET Framework 4 | =4.8 | |
Microsoft .NET Framework 4 | =4.6.2=4.7=4.7.1=4.7.2 | |
Microsoft .NET Framework 4 | =4.8 | |
Microsoft .NET Framework 4 | =3.5=4.7.2 | |
Microsoft .NET Framework 4 | =3.5 | |
Microsoft .NET Framework 4 | =3.5=4.7.2 | |
Microsoft .NET Framework 4 | =3.5=4.7.2 | |
Microsoft .NET Framework 4 | =3.5=4.8 | |
Microsoft .NET Framework 4 | =3.5=4.8.1 | |
Microsoft .NET Framework 4 | =3.5=4.8 | |
Microsoft .NET Framework 4 | =3.5=4.8.1 | |
Microsoft .NET Framework 4 | =3.5=4.8 | |
Microsoft .NET Framework 4 | =3.5=4.8.1 | |
Microsoft .NET Framework 4 | =3.5=4.8.1 | |
Microsoft .NET Framework 4 | =3.5=4.8 | |
Microsoft .NET Framework 4 | =3.5=4.8.1 | |
Microsoft .NET Framework 4 | =3.5=4.8.1 | |
Microsoft .NET Framework 4 | =3.5=4.8.1 | |
Visual Studio Community 2022 | =17.6 | |
Visual Studio Community 2022 | =17.8 | |
All of | ||
Any of | ||
Microsoft .NET Framework 4 | =4.6.2 | |
Microsoft .NET Framework 4 | =4.7 | |
Microsoft .NET Framework 4 | =4.7.1 | |
Microsoft .NET Framework 4 | =4.7.2 | |
Any of | ||
Microsoft Windows Server | =r2-sp1 | |
Microsoft Windows Server | ||
Microsoft Windows Server | =r2 | |
All of | ||
Any of | ||
Microsoft .NET Framework 4 | =3.5 | |
Microsoft .NET Framework 4 | =4.8 | |
Any of | ||
Microsoft Windows 10 | ||
Microsoft Windows 10 | ||
Microsoft Windows 10 | ||
Microsoft Windows 10 | ||
Microsoft Windows 10 | ||
Windows 11 | ||
Microsoft Windows Server | =r2 | |
Microsoft Windows Server | ||
Microsoft Windows Server | =r2 | |
Microsoft Windows Server 2016 | ||
Microsoft Windows Server 2019 | ||
Microsoft Windows Server 2022 | ||
All of | ||
Microsoft .NET Framework 4 | =3.5.1 | |
Microsoft Windows Server | =r2 | |
All of | ||
Microsoft .NET Framework 4 | =3.5 | |
Any of | ||
Microsoft Windows Server | =sp2 | |
Microsoft Windows Server | =sp2 | |
Microsoft Windows Server | ||
Microsoft Windows Server | =r2 | |
All of | ||
Microsoft .NET Framework 4 | =3.0-sp2 | |
Any of | ||
Microsoft Windows Server | =sp2 | |
Microsoft Windows Server | =sp2 | |
All of | ||
Microsoft .NET Framework 4 | =2.0-sp2 | |
Any of | ||
Microsoft Windows Server | =sp2 | |
Microsoft Windows Server | =sp2 | |
All of | ||
Microsoft .NET Framework 4 | =4.6.2 | |
Any of | ||
Microsoft Windows Server | =sp2 | |
Microsoft Windows Server | =sp2 | |
All of | ||
Microsoft .NET Framework 4 | =4.8.1 | |
Any of | ||
Microsoft Windows 10 | ||
Microsoft Windows 10 | ||
Windows 11 | ||
Windows 11 | ||
Windows 11 | ||
Microsoft Windows Server 2022 | ||
Microsoft Windows Server 2022 | ||
Microsoft .NET Framework | >=6.0.0<6.0.32 | |
Visual Studio Community 2022 | >=17.4<17.4.21 | |
Visual Studio Community 2022 | >=17.6<17.6.17 | |
Visual Studio Community 2022 | >=17.8<17.8.12 | |
All of | ||
Any of | ||
Microsoft .NET Framework 4 | =3.5 | |
Microsoft .NET Framework 4 | =4.7.2 | |
Any of | ||
Microsoft Windows 10 | ||
Microsoft Windows 10 | ||
Microsoft Windows 10 | ||
Microsoft Windows Server 2016 | ||
Microsoft Windows Server 2019 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-38081 is classified as an Elevation of Privilege Vulnerability.
CVE-2024-38081 affects multiple versions of .NET Framework, Visual Studio 2022, and various .NET products on Windows.
To address CVE-2024-38081, apply the latest patches or updates from Microsoft for the affected products.
CVE-2024-38081 can potentially allow an attacker to gain elevated privileges on a vulnerable system.
Monitoring logs for unusual authorization attempts or running vulnerability scans can help identify potential exploitation of CVE-2024-38081.