CVE-2025-21405: Visual Studio Elevation of Privilege Vulnerability

Overview

Severity

High (CVSS 7.3)

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Category

Elevation of Privilege

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2025-Jan

Released

2025-01-14

EPSS Score

0.42% (percentile: 62.1%)

Affected Products (1)

Developer Tools

• Microsoft Visual Studio 2022 version 17.12

Security Updates (1)

• Release Notes

Acknowledgments

Polar Penguin, <a href="https://github.com/ycdxsb">ycdxsb</a>

Revision History

• 2025-01-14: Information published.