CVE-2020-1416
CVE-2020-1416
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 5.9%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
14 Jul 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies, aka 'Visual Studio and Visual Studio Code Elevation of Privilege Vulnerability'.
Affected products
Microsoft · Azure Storage ExplorerMicrosoft · Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)Microsoft · Microsoft Visual Studio 2019Microsoft · Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)Microsoft · Microsoft Visual Studio 2019 version 16.6 (includes 16.0 - 16.5)Microsoft · TypeScriptMicrosoft · Visual Studio Code