Home
HIGH: 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 8.0.0 (custom) before 8.0.29
affected
9.0.0 (custom) before 9.0.18
affected
3.5.0 (custom) before 2.0.50727.8983 & 3.0.30729.8978
affected
4.7.0 (custom) before 2.0.50727.9069 & 3.0.30729.9067 & 4.7.4143.0
affected
4.8.0 (custom) before 2.0.50727.9069 & 3.0.30729.9067 & 4.8.4803.0
affected
4.8.1 (custom) before 2.0.50727.9182 & 3.0.30729.9168 & 4.8.9339.0
affected
4.7.0 (custom) before 4.7.4143.0
affected
4.8.0 (custom) before 4.8.4803.0
affected
17.12.0 (custom) before 17.12.22
affected
17.14.0 (custom) before 17.14.36
affected
18.0 (custom) before 18.7.4
affected
Description
Improper control of generation of code ('code injection') in .NET Framework allows an unauthorized attacker to elevate privileges locally.
Problem types
CWE-94: Improper Control of Generation of Code ('Code Injection')
Product status
References
msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50650 (.NET Framework Elevation of Privilege Vulnerability)