Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Local vector and required user interaction (open malicious content) give AV:L/UI:R with PR:N since no prior auth is needed; code injection yields full C/I/A within unchanged scope.
Primary rating from Vendor (microsoft).
CVSS VectorVendor: microsoft
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Improper control of generation of code ('code injection') in .NET Framework allows an unauthorized attacker to elevate privileges locally.
AnalysisAI
Local privilege elevation in Microsoft .NET Framework (and .NET 8.0/9.0 plus Visual Studio 2022/2026) via code injection (CWE-94) that lets an unauthorized attacker run code with full confidentiality, integrity, and availability impact after a victim is tricked into interacting with attacker-supplied content. Microsoft reported the issue and has shipped a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires local access to the target host and user interaction (CVSS AV:L, UI:R): a victim must open or process attacker-supplied content - a crafted file, project, or solution handled by the vulnerable .NET runtime or Visual Studio toolchain - for the code-injection to trigger. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H = 7.8 High) describes a locally-reachable, low-complexity flaw that needs no prior privileges but does require victim interaction, yielding full C/I/A impact within an unchanged scope. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker delivers a crafted file, project, or solution to a developer or user and induces them to open or process it (UI:R) on a system with a vulnerable .NET runtime or Visual Studio build. When the runtime/toolchain processes the malicious content it generates and executes attacker-controlled code (CWE-94), giving the attacker code execution and full impact in the victim's context. … |
| Remediation | Patch available per vendor advisory: apply Microsoft's updates referenced at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50650, which covers .NET 8.0/9.0, the .NET Framework 3.5-4.8.1 servicing branches, and the affected Visual Studio 2022 (17.12, 17.14) and 2026 (18.7) toolchains; the provided data confirms a fix is available but does not enumerate exact fixed build/KB numbers, so pull the precise versions from the MSRC update guide and deploy through Windows Update/WSUS and the Visual Studio installer. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours, identify all systems running Microsoft .NET Framework, .NET 8.0, .NET 9.0, Visual Studio 2022, or Visual Studio 2026 and alert development teams to the privilege escalation risk; restrict opening untrusted files from external sources until patches are deployed. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Infinite loop denial-of-service vulnerability in Microsoft .NET Framework (3.5 through 4.8.1), .NET 8.0, 9.0, and 10.0 a
Denial-of-service condition in Microsoft .NET Framework 8.0, 9.0, and 10.0 allows unauthenticated remote attackers to ex
Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny service o
Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally.
Local privilege escalation in Microsoft .NET Framework (versions 3.5 through 10.0) and Visual Studio 2017 occurs through
Privilege elevation in ASP.NET Core (bundled with .NET 8.0, 9.0, and 10.0) lets an already-authenticated, low-privileged
Privilege elevation in ASP.NET Core (bundled with .NET 8.0, 9.0, and 10.0) lets an already-authenticated, low-privileged
A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who successfully
Security feature bypass in Microsoft .NET (versions 8.0, 9.0, and 10.0) lets a remote, unauthenticated attacker circumve
Local code execution in Microsoft .NET (Framework 3.5 through 4.8.1, .NET 8.0/9.0, and Visual Studio 2022/2026) arises f
Local code execution in Microsoft .NET 8.0 and 9.0 (and bundled Visual Studio 2022/2026 toolchains) arises from unsafe d
Denial of service in Microsoft .NET (versions 8.0, 9.0, and 10.0) allows a remote, unauthenticated attacker to crash or
Same weakness CWE-94 – Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-44400