Home

Description

Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.

PUBLISHED Reserved 2025-08-11 | Published 2025-10-14 | Updated 2025-11-22 | Assigner microsoft




HIGH: 7.3CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Problem types

CWE-284: Improper Access Control

Product status

15.9.0 (custom) before 15.9.77
affected

16.11.0 (custom) before 16.11.52
affected

17.10.0 (custom) before 17.10.20
affected

17.12.0 (custom) before 17.12.13
affected

17.14.0 (custom) before 17.14.17
affected

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55240 (Visual Studio Elevation of Privilege Vulnerability) vendor-advisory

cve.org (CVE-2025-55240)

nvd.nist.gov (CVE-2025-55240)

Download JSON