CVE-2019-1077 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2019-1077

CWE

https://cwe.mitre.org/data/definitions/.html

An elevation of privilege vulnerability exists when the Visual Studio updater service improperly handles file permissions, aka Visual Studio Elevation of Privilege Vulnerability.

Affected Software

Name	Vendor	Start Version	End Version
Visual_studio_2017	Microsoft	15.9 (including)	15.9 (including)
Visual_studio_2019	Microsoft	16.0 (including)	16.0 (including)
Visual_studio_2019	Microsoft	16.1 (including)	16.1 (including)

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1077