Microsoft Visual Studio Improper Access Control Vulnerability Allowing Privilege Escalation

Vulnerability

A vulnerability exists in Microsoft Visual Studio due to improper access control, which allows an authorized attacker to locally elevate privileges. This issue affects multiple versions of Visual Studio 2022, as well as Visual Studio 2019 and 2017. An authenticated attacker could exploit this vulnerability by placing a malicious file in the project directory path and waiting for a user with administrative rights to create a project, thereby gaining elevated privileges.

Impact

Exploitation of this vulnerability could lead to unauthorized administrative privileges.

Remediation

Users can download the security update for Microsoft Visual Studio 2022 versions 17.10, 17.12, and 17.14, as well as for Visual Studio 2019 version 16.11 and Visual Studio 2017 version 15.9, through the Visual Studio Download Center.

Added: Oct 14, 2025, 5:19 PM
Updated: Oct 14, 2025, 10:01 PM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 7.5
exploitability: 3.0
remediation: 7.7
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.