An elevation of privilege vulnerability exists when the Visual Studio Extension Installer Service improperly handles file operations, aka ‘Visual Studio Extension Installer Service Elevation of Privilege Vulnerability’.
The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Visual_studio_2015 | Microsoft | update_3 | update_3 |
Visual_studio_2017 | Microsoft | 15.9 | 15.9 |
Visual_studio_2019 | Microsoft | 16.0 | 16.0 |
Visual_studio_2019 | Microsoft | 16.4 | 16.4 |
Visual_studio_2019 | Microsoft | 16.5.0 | 16.5.0 |