CVE-2025-24042

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Feb 11, 2025

CWE ID 284

Summary

CVE-2025-24042 is an elevation of privilege vulnerability affecting the JS Debug extension in Visual Studio Code. An attacker can exploit this flaw to run arbitrary code with higher privileges, potentially leading to serious security consequences. Successful exploitation requires the attacker to have the ability to load a malicious extension or manipulate a malicious debug script. Microsoft recommends updating the extension to its latest version to mitigate this risk. This issue underscores the importance of keeping software and extensions up to date to protect against potential security threats.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2iZqxh
https://www.cve.org/CVERecord?id=CVE-2025-24042
https://nvd.nist.gov/vuln/detail/CVE-2025-24042

Back to Vulnerability Database

CVE-2025-24042

CVSS 3.1 Score 7.3 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations