Skip to main content

ASP.NET Core EUVDEUVD-2026-44342

| CVE-2026-47300 HIGH
Incorrect Implementation of Authentication Algorithm (CWE-303)
2026-07-14 microsoft
8.8
CVSS 3.1 · Vendor: microsoft
Temporal: 7.7
Share

Severity by source

Vendor (microsoft) PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
ENISA EUVD
HIGH
qualitative
CIRCL (temporal)
7.7 HIGH
cvss
vuln.today AI
8.8 HIGH

Network-reachable, low-complexity elevation from an existing low-privilege account (PR:L, no UI), yielding full high C/I/A impact within the same authorization scope (S:U).

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (microsoft).

CVSS VectorVendor: microsoft

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Jul 14, 2026 - 20:08 vuln.today
CVE Published
Jul 14, 2026 - 18:20 nvd
HIGH 8.8

DescriptionCVE.org

Incorrect implementation of authentication algorithm in ASP.NET Core allows an authorized attacker to elevate privileges over a network.

AnalysisAI

Privilege elevation in ASP.NET Core (bundled with .NET 8.0, 9.0, and 10.0) lets an already-authenticated, low-privileged network attacker gain higher privileges by abusing a flawed authentication algorithm implementation (CWE-303). Microsoft reported the flaw and has released a patch; there is no public exploit identified at time of analysis and it is not on the CISA KEV. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate as low-privilege user
Delivery
Craft request abusing auth algorithm
Exploit
Bypass privilege checks (CWE-303)
Execution
Obtain elevated privileges
Impact
Access or alter protected data

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to already possess a valid low-privilege authenticated session or credentials on an ASP.NET Core application that uses the framework's built-in authentication (CVSS PR:L confirms prior low-level authentication is needed, so this is not an unauthenticated attack). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, 8.8 High) indicates a low-complexity, network-reachable attack that requires the attacker to already hold some low-privilege authenticated foothold (PR:L) but no user interaction, yielding full high impact to confidentiality, integrity, and availability. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who holds a normal low-privilege account on an ASP.NET Core web application (for example a standard registered user in a multi-tenant portal) sends a crafted authenticated request that the flawed authentication algorithm mis-evaluates, causing the framework to grant elevated privileges. With administrator-level access the attacker then reads other tenants' data and alters or disrupts the application. …
Remediation Patch available per vendor advisory: apply the Microsoft/.NET updates for the affected 8.0, 9.0, and 10.0 runtimes and rebuild/redeploy applications against the patched ASP.NET Core packages, and update the affected Visual Studio 2022 (17.12, 17.14) and Visual Studio 2026 (18.7) installations; exact fixed version numbers are not listed in the input and must be taken from https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47300. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours, inventory all systems running .NET 8.0, 9.0, or 10.0 with ASP.NET Core, prioritizing production and customer-facing applications. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-33116 HIGH POC
7.5 Apr 14

Infinite loop denial-of-service vulnerability in Microsoft .NET Framework (3.5 through 4.8.1), .NET 8.0, 9.0, and 10.0 a

CVE-2026-26171 HIGH POC
7.5 Apr 14

Denial-of-service condition in Microsoft .NET Framework 8.0, 9.0, and 10.0 allows unauthenticated remote attackers to ex

CVE-2026-42899 HIGH POC
7.5 May 12

Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny service o

CVE-2026-35433 HIGH POC
7.3 May 12

Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally.

CVE-2026-32177 HIGH POC
7.3 May 12

Local privilege escalation in Microsoft .NET Framework (versions 3.5 through 10.0) and Visual Studio 2017 occurs through

CVE-2026-47303 HIGH
8.8 Jul 14

Privilege elevation in ASP.NET Core (bundled with .NET 8.0, 9.0, and 10.0) lets an already-authenticated, low-privileged

CVE-2026-32175 MEDIUM POC
4.3 May 12

A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who successfully

CVE-2026-50528 HIGH
8.2 Jul 14

Security feature bypass in Microsoft .NET (versions 8.0, 9.0, and 10.0) lets a remote, unauthenticated attacker circumve

CVE-2026-57108 HIGH
7.5 Jul 14

Denial of service in Microsoft .NET (versions 8.0, 9.0, and 10.0) allows a remote, unauthenticated attacker to crash or

CVE-2026-47302 HIGH
7.5 Jul 14

Denial of service in Microsoft .NET (versions 8.0, 9.0, and 10.0) and the legacy .NET Framework (3.5 through 4.8.1) allo

CVE-2026-56170 HIGH
7.5 Jul 14

Denial of service in ASP.NET Core (the web framework shipped with .NET 8.0, 9.0, and 10.0) lets a remote, unauthenticate

CVE-2026-50524 HIGH
7.5 Jul 14

Remote denial of service in Microsoft .NET (versions 8.0, 9.0, and 10.0) allows an unauthenticated network attacker to c

Share

EUVD-2026-44342 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy