CVE-2024-49049

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Nov 12, 2024
Updated: Nov 13, 2024
CWE ID 284

Summary

CVE-2024-49049 is a newly disclosed vulnerability affecting Visual Studio Code's remote extension feature. This elevation of privilege issue allows an attacker to gain heightened access to a victim's system by exploiting a flaw in the extension's functionality. Successful exploitation could result in the execution of arbitrary code and potential data theft or system damage. Users are advised to update their Visual Studio Code installations and extensions to the latest versions to mitigate this risk. Developers are encouraged to implement secure coding practices to prevent similar vulnerabilities in the future.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share