CVE-2025-25003

Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.

CVSS v3 7.3 HIGH

7.3^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.3 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-25003	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:microsoft:visual_studio_2019::::::::
	cpe:2.3:a:microsoft:visual_studio_2022::::::::
	cpe:2.3:a:microsoft:visual_studio_2022::::::::
	cpe:2.3:a:microsoft:visual_studio_2022::::::::
	cpe:2.3:a:microsoft:visual_studio_2022::::::::

History

01 Jul 2025, 19:48

Type	Values Removed	Values Added
References	~~() https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-25003 -~~	() https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-25003 - Vendor Advisory
CPE		cpe:2.3:a:microsoft:visual_studio_2022:::::::: cpe:2.3:a:microsoft:visual_studio_2019::::::::
Summary		(es) El elemento de ruta de búsqueda no controlada en Visual Studio permite que un atacante autorizado eleve privilegios localmente.
First Time		Microsoft Microsoft visual Studio 2022 Microsoft visual Studio 2019

11 Mar 2025, 17:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-11 17:16

Updated : 2025-07-01 19:48

NVD link : CVE-2025-25003

Mitre link : CVE-2025-25003

CVE.ORG link : CVE-2025-25003

JSON object : View

Products Affected

microsoft

visual_studio_2022
visual_studio_2019

CWE

CWE-427

Uncontrolled Search Path Element

{"id": "CVE-2025-25003", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "secure@microsoft.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.3}]}, "published": "2025-03-11T17:16:38.043", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-25003", "tags": ["Vendor Advisory"], "source": "secure@microsoft.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "secure@microsoft.com", "description": [{"lang": "en", "value": "CWE-427"}]}], "descriptions": [{"lang": "en", "value": "Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally."}, {"lang": "es", "value": "El elemento de ruta de b\u00fasqueda no controlada en Visual Studio permite que un atacante autorizado eleve privilegios localmente."}], "lastModified": "2025-07-01T19:48:27.057", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D95831C-23B3-45F0-9A63-6ED4C6C920BF", "versionEndExcluding": "16.11.45", "versionStartIncluding": "16.0"}, {"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CAB4ECB-776D-450E-B350-2A8366608B5E", "versionEndExcluding": "17.8.19", "versionStartIncluding": "17.8.0"}, {"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE599BE9-9542-47AB-8DF2-41AC96828EC0", "versionEndExcluding": "17.10.12", "versionStartIncluding": "17.10.0"}, {"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D439AC8-08F1-4F99-9BBE-C4FCD9B99539", "versionEndExcluding": "17.12.6", "versionStartIncluding": "17.12.0"}, {"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F0477DF0-B955-41E2-AA6B-B07B324DFC5A", "versionEndExcluding": "17.13.3", "versionStartIncluding": "17.13.0"}], "operator": "OR"}]}], "sourceIdentifier": "secure@microsoft.com"}