Microsoft Visual C++ Redistributable Installer Elevation of Privilege
CVE-2024-43590 Published on October 8, 2024

Visual C++ Redistributable Installer Elevation of Privilege Vulnerability
Visual C++ Redistributable Installer Elevation of Privilege Vulnerability

Vendor Advisory NVD

Weakness Type

What is an Authorization Vulnerability?

The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

CVE-2024-43590 has been classified to as an Authorization vulnerability or weakness.

Products Associated with CVE-2024-43590

Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.

Microsoft Visual Studio 2022

Microsoft Visual Studio 2019

Microsoft Visual Studio 2017

Affected Versions

Microsoft Visual C++ Redistributable Installer:

Version 10.0.0 and below 14.40.33816 is affected.

Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8):

Version 15.9.0 and below 15.9.67 is affected.

Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10):

Version 16.11.0 and below 16.11.41 is affected.

Microsoft Visual Studio 2022 version 17.6:

Version 17.6.0 and below 17.6.20 is affected.

Microsoft Visual Studio 2022 version 17.8:

Version 17.8.0 and below 17.8.15 is affected.

Microsoft Visual Studio 2022 version 17.10:

Version 17.10 and below 17.10.8 is affected.

Microsoft Visual Studio 2022 version 17.11:

Version 17.11 and below 17.11.5 is affected.

Exploit Probability

EPSS

0.60%

Percentile

69.11%