Severity
High
Analysis Summary
CVE-2023-28260
Microsoft .NET Core could allow a local authenticated attacker to execute arbitrary code on the system, caused by a DLL hijacking flaw. By using a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2023-28260
Affected Vendors
Microsoft
Affected Products
- Microsoft .NET 6.0Microsoft Visual Studio 2022 17.0
- Microsoft Visual Studio 2022 17.2
- Microsoft Visual Studio 2022 17.4
- Microsoft .NET 7.0Microsoft Visual Studio 2022 17.5
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.