CVE-2023-33170

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Jul 11, 2023
Updated: Jan 1, 2025
CWE ID 362

Summary

CVE-2023-33170 is a newly disclosed security vulnerability affecting ASP.NET and Visual Studio. This issue enables an attacker to bypass security features, potentially leading to unauthorized access or data theft. The flaw is related to the way ASP.NET and Visual Studio handle view components, allowing attackers to execute arbitrary code. Developers are urged to update their systems to the latest patches as soon as possible to mitigate this risk. This vulnerability can have serious consequences, including data breaches and unauthorized access to sensitive information.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft .NET Framework
  • Microsoft Visual Studio 2022
  • Fedora Operating System

Affected Vendors

  • Microsoft
  • Fedora Project