Microsoft Visual Studio, .NET vulnerability (CVE-2023-38180) under attack in the wild

Microsoft provided an update to previously released August security updates that confirmed a Microsoft Visual Studio, .NET vulnerability (CVE-2023-38180) is under attack in the wild.

Previously patched as part of August Security Updates, CVE-2023-38180 is a Denial of Service (DoS) vulnerability in Microsoft Visual Studio, .NET versions 6.0 and 7.0, and ASP.NET Core 2.1.

According to Microsoft, CVE-2023-38180 is rated “Important” and was assigned a CVSSv3 score of 7.5. Microsoft confirmed “exploitation has been detected” in the wild.

Microsoft provided the update regarding the exploit status on August 11, 2023 (previously released August 8, 2023).

Related Articles