Security Updates for Microsoft Visual Studio Products (June 2023)

high Nessus Plugin ID 177249

Synopsis

The Microsoft Visual Studio Products are affected by multiple vulnerabilities.

Description

The Microsoft Visual Studio Products are missing security updates. It is, therefore, affected by multiple vulnerabilities:

- A remote code execution vulnerability in the MSDIA SDK where corrupted PDBs can cause heap overflow, leading to a crash or remote code execution. (CVE-2023-24897)

- A remote code execution vulnerability where specially crafted input to git apply -reject can lead to controlled content writes at arbitrary locations. (CVE-2023-25652)

- A spoofing vulnerability where Github localization messages refer to a hard-coded path instead of respecting the runtime prefix that leads to out-of-bound memory writes and crashes. (CVE-2023-25815)

- An Out-Of-Bounds Write Vulnerability in Autodesk FBX SDK version 2020 or prior may lead to code execution through maliciously crafted FBX files or information disclosure. (CVE-2023-27909)

- An information disclosure vulnerability where a user may be tricked into opening a malicious FBX file. This may exploit a stack buffer overflow (CVE-2023-27910) or heap buffer overflow (CVE-2023-27911) vulnerability in Autodesk FBX SDK 2020 or prior which may lead to remote code execution.

- A remote code execution vulnerability where a configuration file containing a logic error results in arbitrary configuration injection. (CVE-2023-29007)

- A remote code execution vulnerability where the Git for Windows executable responsible for implementing a SOCKS5 proxy is susceptible to picking up an untrusted configuration on multi-user machines. (CVE-2023-29011)

- A remote code execution vulnerability where the Git for Windows Git CMD program incorrectly searches for a program upon startup, leading to silent arbitrary code execution. (CVE-2023-29012)

- A remote code execution vulnerability in the .NET SDK during tool restore which can lead to an elevation of privilege. (CVE-2023-33135)

- An information disclosure vulnerability by the obj file parser in Visual Studio. (CVE-2023-33139)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Microsoft has released the following security updates to address this issue:
- Patch for the Update 5 for Visual Studio 2013
- Patch for the Update 3 for Visual Studio 2015
- Update 15.9.55 for Visual Studio 2017
- Update 16.11.27 for Visual Studio 2019
- Update 17.0.22 for Visual Studio 2022
- Update 17.2.16 for Visual Studio 2022
- Update 17.4.8 for Visual Studio 2022
- Update 17.6.3 for Visual Studio 2022

See Also

http://www.nessus.org/u?dddbae5d

http://www.nessus.org/u?a49726ef

http://www.nessus.org/u?9a1613a0

http://www.nessus.org/u?1d05a264

http://www.nessus.org/u?c46148fb

http://www.nessus.org/u?bdcff516

https://support.microsoft.com/en-us/help/5026454

https://support.microsoft.com/en-us/help/5025792

https://support.microsoft.com/en-us/help/5026455

https://support.microsoft.com/en-us/help/5026610

Plugin Details

Severity: High

ID: 177249

File Name: smb_nt_ms23_jun_visual_studio.nasl

Version: 1.10

Type: local

Agent: windows

Published: 6/13/2023

Updated: 1/10/2024

Supported Sensors: Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N

CVSS Score Source: CVE-2023-25652

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7.2

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

CVSS Score Source: CVE-2023-33032

Vulnerability Information

CPE: cpe:/a:microsoft:visual_studio

Required KB Items: SMB/MS_Bulletin_Checks/Possible, installed_sw/Microsoft Visual Studio, SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/13/2023

Vulnerability Publication Date: 6/13/2023

Reference Information

CVE: CVE-2023-21808, CVE-2023-21815, CVE-2023-23381, CVE-2023-24895, CVE-2023-24897, CVE-2023-24936, CVE-2023-25652, CVE-2023-25815, CVE-2023-27909, CVE-2023-27910, CVE-2023-27911, CVE-2023-29007, CVE-2023-29011, CVE-2023-29012, CVE-2023-29331, CVE-2023-33032, CVE-2023-33126, CVE-2023-33128, CVE-2023-33135, CVE-2023-33139

IAVA: 2023-A-0293-S

MSFT: MS23-5025792, MS23-5026454, MS23-5026455, MS23-5026610

MSKB: 5025792, 5026454, 5026455, 5026610