CVE-2025-21171: .NET Remote Code Execution Vulnerability
Overview
- Severity
- High (CVSS 7.5)
- CVSS Vector
- CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
- Category
- Remote Code Execution
- Exploit Status
- Not Exploited
- Exploitation Likelihood
- Less Likely
- Patch Tuesday
- 2025-Jan
- Released
- 2025-01-14
- Last Updated
- 2025-01-29
- EPSS Score
- 0.59% (percentile: 69.3%)
FAQ
According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution?
This attack requires a victim to perform a specific action, such as copying files or executing a command, and for an attacker with appropriate access to have pre-planted malicious files with knowledge of where they should be placed on the victim's system.
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
This attack requires a victim to perform a specific action, such as copying files or executing a command, and for an attacker with appropriate access to have pre-planted malicious files with knowledge of where they should be placed on the victim's system.
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
Exploitation of this vulnerability requires that a user trigger the payload in the application.
Affected Products (10)
Developer Tools
- PowerShell 7.5 installed on Windows
- PowerShell 7.5 installed on Linux
- PowerShell 7.5 installed on MacOS
- .NET 9.0 installed on Linux
- .NET 9.0 installed on Mac OS
- .NET 9.0 installed on Windows
- Microsoft Visual Studio 2022 version 17.12
- Microsoft Visual Studio 2022 version 17.6
- Microsoft Visual Studio 2022 version 17.8
- Microsoft Visual Studio 2022 version 17.10
Security Updates (6)
Revision History
- 2025-01-14: Information published.
- 2025-01-29: Revised the Security Updates table to include PowerShell 7.5 installed on Windows, PowerShell 7.5 installed on Linux, and PowerShell 7.5 installed on MacOC because these versions of PowerShell 7 are affected by this vulnerability. See https://github.com/PowerShell/Announcements/issues/72 for more information.