Apr 2025: Visual Studio Elevation of Privilege Vulnerability
CVE-2025-29802 Published on April 8, 2025
Visual Studio Elevation of Privilege Vulnerability
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
Weakness Type
What is a DLL preloading Vulnerability?
The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
CVE-2025-29802 has been classified to as a DLL preloading vulnerability or weakness.
Products Associated with CVE-2025-29802
stack.watch emails you whenever new vulnerabilities are published in Microsoft Visual Studio 2022 or Microsoft Visual Studio. Just hit a watch button to start following.
Affected Versions
Microsoft Visual Studio 2022 version 17.10:- Version 17.10.0 and below 17.10.13 is affected.
- Version 17.12.0 and below 17.12.7 is affected.
- Version 17.8.0 and below 17.8.20 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.