CVE-2025-24039

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Feb 11, 2025

CWE ID 427

Summary

CVE-2025-24039 is an elevation of privilege vulnerability affecting Visual Studio Code. Attackers can exploit this issue to gain higher access privileges within the software, potentially leading to unauthorized modification or extraction of sensitive data. The vulnerability is caused by insufficient input validation in the handling of user input during the installation process. Microsoft has released a patch to address this issue, and users are encouraged to update their Visual Studio Code installations as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2iYRyO
https://www.cve.org/CVERecord?id=CVE-2025-24039
https://nvd.nist.gov/vuln/detail/CVE-2025-24039

Back to Vulnerability Database

CVE-2025-24039

CVSS 3.1 Score 7.3 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations