Improperly Implemented Security Check for Standard

CVE-2024-0057

High

9.8/10

Summary

NET, NET Framework, and Visual Studio contain Security Feature Bypass Vulnerability. This vulnerability affects Microsoft.WindowsDesktop.App.Runtime package versions 6.0.x prior to 6.0.26, 7.0.x prior to 7.0.15, and 8.0.x prior to 8.0.1. This vulnerability also affects PowerShell package versions 7.2.x prior to 7.2.18, and 7.3.x prior to 7.3.11.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-358 - Improperly Implemented Security Check for Standard

The software does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.

References

Advisory
Advisory
Issue
Disclosure
Release Note
Advisory
Disclosure

Advisory Timeline

Published Jan 09, 2024

Improperly Implemented Security Check for Standard

CVE-2024-0057

Summary

CWE-358 - Improperly Implemented Security Check for Standard

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS