CVE-2022-23267

high-risk

Published 2022-05-10

.NET and Visual Studio Denial of Service Vulnerability

Do I need to act?

~

8.2% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

-

Not on CISA KEV list

No confirmed active exploitation reported to CISA

?

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

7

CVSS 7.5/10 High

NETWORK / LOW complexity

Affected Products (10)

.Net

.Net

.Net Core

Powershell

Visual Studio 2019

Visual Studio 2022

Visual Studio 2022

Fedora

Fedora

Fedora

Affected Vendors

Microsoft Fedoraproject

References (5)

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23267

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro...

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro...

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro...

Patch https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-2326...

52

/ 100

high-risk

Severity 26/34 · High

Exploitability 10/34 · Low

Exposure 16/34 · Moderate