CVE-2024-43603

Improper Link Resolution Before File Access ('Link Following') (CWE-59)

Published: Oct 8, 2024

010
CVSS 5.5EPSS 0.04%Medium
CVE info copied to clipboard

Summary

A vulnerability in the Visual Studio Collector Service can lead to a denial of service condition. This is classified as an improper link resolution before file access ('link following') issue.

Impact

This vulnerability allows a local attacker with low privileges to cause a denial of service, potentially rendering the Visual Studio Collector Service unavailable. The attack does not require user interaction and has a high impact on availability. However, it does not affect the confidentiality or integrity of the system.

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of proof of exploitation at the moment.

Patch

A patch is available. Microsoft has released updates to address this vulnerability across multiple versions of Visual Studio.

Mitigation

1. Update affected Visual Studio installations to the latest patched versions: - Visual Studio 2022: Update to version 17.6.20, 17.8.15, 17.10.8, or 17.11.5 or later. - Visual Studio 2019: Update to version 16.11.41 or later. - Visual Studio 2017: Update to version 15.9.67 or later. - Visual Studio 2015 Update 3: Apply the latest security patch. 2. Implement the principle of least privilege, ensuring that users and processes have only the necessary permissions. 3. Monitor for any suspicious local activities or unexpected service disruptions. 4. Consider implementing additional access controls to limit local access to the Visual Studio Collector Service.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

Timeline

CVSS

A CVSS base score of 5.5 has been assigned.

Oct 8, 2024 at 5:40 PM / microsoft
First Article

Feedly found the first article mentioning CVE-2024-43603. See article

Oct 8, 2024 at 5:55 PM / Zero Day Initiative - Blog
CVE Assignment

NVD published the first details for CVE-2024-43603

Oct 8, 2024 at 6:15 PM
CVSS Estimate

Feedly estimated the CVSS score as MEDIUM

Oct 8, 2024 at 6:34 PM
EPSS

EPSS Score was set to: 0.04% (Percentile: 9.7%)

Oct 9, 2024 at 10:29 AM
EPSS

EPSS Score was set to: 0.05% (Percentile: 19%)

Nov 19, 2024 at 2:47 AM
Static CVE Timeline Graph

Affected Systems

Microsoft/visual_studio_2022
+null more

Patches

Microsoft
+null more

Links to Mitre Att&cks

T1547.009: Shortcut Modification
+null more

Attack Patterns

CAPEC-132: Symlink Attack
+null more

References

15.9.67
CVE-2022-24513 Elevation of privilege vulnerability A potential elevation of privilege vulnerability exists when the Microsoft Visual Studio updater service improperly parses local configuration data. CVE-2022-24513 Elevation of privilege vulnerability A potential elevation of privilege vulnerability exists when the Microsoft Visual Studio updater service improperly parses local configuration data.
16.11.41
CVE-2023-32027 This advisory is republished to address a Microsoft ODBC Driver for SQL Server Remote Code Execution vulnerability in Visual Studio. CVE-2023-32025 This advisory is republished to address a Microsoft ODBC Driver for SQL Server Remote Code Execution vulnerability in Visual Studio.

News

October 2024 – Microsoft patch tuesday highlights
Spoofing, Denial of Service (DoS), Elevation of Privilege (EoP), Information Disclosure, Security Feature Bypass, and Remote Code Execution (RCE) are among the vulnerabilities that Microsoft has addressed in various software products. Microsoft Configuration Manager Remote Code Execution Vulnerability
MS Family October 2024 Routine Security Update Advisory
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
PT - Visual Studio
Development Last Updated: 10/9/2024 CVEs: CVE-2024-38229 , CVE-2024-43483 , CVE-2024-43603 , CVE-2024-43484 , CVE-2024-43590 , CVE-2024-43485
Microsoft Security Bulletin Coverage for October 2024
Microsoft’s October 2024 Patch Tuesday has 117 vulnerabilities, of which 42 are Remote Code Execution.SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of October 2024 and has produced coverage for 4 of the reported vulnerabilities. Microsoft tracks vulnerabilities that are being actively exploited at the time of discovery and those that have been disclosed publicly before the patch Tuesday release for each month.
Microsoft Release October 2024 Patch Tuesday Updates for Windows 11 and Windows 10
Microsoft addressed 117 vulnerabilities in the October 2024 Patch Tuesday update, including three rated critical and two actively exploited security flaws. Here’s the full list of CVEs released by Microsoft with the October 2024 Patch Tuesday updates:
See 24 more articles and social media posts

CVSS V3.1

Attack Vector:Local
Attack Complexity:Low
Privileges Required:Low
User Interaction:None
Scope:Unchanged
Confidentiality:None
Integrity:None
Availability Impact:High

Categories

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI