CVE-2025-21173 - Vulnerability Details

.NET Elevation of Privilege Vulnerability

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Linux	Linux Kernel
Microsoft	.net Visual Studio 2022
Redhat	Enterprise Linux Rhel Eus

Configuration 1 [-]

OR	cpe:2.3:a:microsoft:visual_studio_2022::::::::
	cpe:2.3:a:microsoft:visual_studio_2022::::::::
	cpe:2.3:a:microsoft:visual_studio_2022::::::::
	cpe:2.3:a:microsoft:visual_studio_2022::::::::

Configuration 2 [-]

AND

OR	cpe:2.3:a:microsoft:.net:8.0.0:::::::*
	cpe:2.3:a:microsoft:.net:9.0.0:::::::*

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
dotnet8.0-0:8.0.112-1.el8_10	cpe:/a:redhat:enterprise_linux:8	RHSA-2025:0381	2025-01-16T00:00:00Z
dotnet9.0-0:9.0.102-1.el8_10	cpe:/a:redhat:enterprise_linux:8	RHSA-2025:0382	2025-01-16T00:00:00Z
Red Hat Enterprise Linux 9
dotnet8.0-0:8.0.112-1.el9_5	cpe:/a:redhat:enterprise_linux:9	RHBA-2025:0304	2025-01-14T00:00:00Z
dotnet9.0-0:9.0.102-1.el9_5	cpe:/a:redhat:enterprise_linux:9	RHBA-2025:0305	2025-01-14T00:00:00Z
Red Hat Enterprise Linux 9.4 Extended Update Support
dotnet8.0-0:8.0.112-1.el9_4	cpe:/a:redhat:rhel_eus:9.4	RHSA-2025:0532	2025-01-21T00:00:00Z

References

Link	Providers
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21173
https://nvd.nist.gov/vuln/detail/CVE-2025-21173
https://www.cve.org/CVERecord?id=CVE-2025-21173
https://www.herodevs.com/vulnerability-directory/cve-2025-21173

History

Tue, 06 May 2025 15:45:00 +0000

Type	Values Removed	Values Added
References		https://www.herodevs.com/vulnerability-directory/cve-2025-21173

Thu, 13 Feb 2025 01:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat Redhat enterprise Linux Redhat rhel Eus
CPEs		cpe:/a:redhat:enterprise_linux:8 cpe:/a:redhat:enterprise_linux:9 cpe:/a:redhat:rhel_eus:9.4
Vendors & Products		Redhat Redhat enterprise Linux Redhat rhel Eus

Wed, 05 Feb 2025 19:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel Microsoft Microsoft .net Microsoft visual Studio 2022
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:a:microsoft:.net:8.0.0:::::::* cpe:2.3:a:microsoft:.net:9.0.0:::::::* cpe:2.3:a:microsoft:visual_studio_2022:::::::: cpe:2.3:o:linux:linux_kernel:-:::::::*
Vendors & Products		Linux Linux linux Kernel Microsoft Microsoft .net Microsoft visual Studio 2022

Wed, 15 Jan 2025 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Wed, 15 Jan 2025 13:45:00 +0000

Type	Values Removed	Values Added
References		https://nvd.nist.gov/vuln/detail/CVE-2025-21173 https://www.cve.org/CVERecord?id=CVE-2025-21173
Metrics	threat_severity `None`	threat_severity `Important`

Tue, 14 Jan 2025 19:45:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-284

Tue, 14 Jan 2025 18:45:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-379

Tue, 14 Jan 2025 18:15:00 +0000

Type	Values Removed	Values Added
Description		.NET Elevation of Privilege Vulnerability
Title		.NET Elevation of Privilege Vulnerability
Weaknesses		CWE-284
References		https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21173
Metrics		cvssV3_1 `{'score': 7.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C'}`

MITRE

Status: PUBLISHED

Assigner: microsoft

Published: 2025-01-14T18:04:02.074Z

Updated: 2025-05-06T14:27:23.447Z

Reserved: 2024-12-05T21:43:30.760Z

Link: CVE-2025-21173

Vulnrichment

Updated: 2025-05-06T14:27:23.447Z

NVD

Status : Modified

Published: 2025-01-14T18:15:30.480

Modified: 2025-05-06T15:16:00.833

Link: CVE-2025-21173

Redhat

Severity : Important

Publid Date: 2025-01-14T18:04:02Z

Links: CVE-2025-21173 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-21173", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "state": "PUBLISHED", "assignerShortName": "microsoft", "dateReserved": "2024-12-05T21:43:30.760Z", "datePublished": "2025-01-14T18:04:02.074Z", "dateUpdated": "2025-05-06T14:27:23.447Z"}, "containers": {"cna": {"title": ".NET Elevation of Privilege Vulnerability", "datePublic": "2025-01-14T08:00:00.000Z", "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionStartIncluding": "8.0.0", "versionEndExcluding": "8.0.12"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionStartIncluding": "9.0.0", "versionEndExcluding": "9.0.1"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.0", "versionEndExcluding": "17.12.4"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.6.0", "versionEndExcluding": "17.6.22"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.8.0", "versionEndExcluding": "17.8.17"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.10", "versionEndExcluding": "17.10.10"}]}]}], "affected": [{"vendor": "Microsoft", "product": ".NET 8.0", "platforms": ["Unknown"], "versions": [{"version": "8.0.0", "lessThan": "8.0.12", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": ".NET 9.0", "platforms": ["Unknown"], "versions": [{"version": "9.0.0", "lessThan": "9.0.1", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft Visual Studio 2022 version 17.12", "platforms": ["Unknown"], "versions": [{"version": "17.0", "lessThan": "17.12.4", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft Visual Studio 2022 version 17.6", "platforms": ["Unknown"], "versions": [{"version": "17.6.0", "lessThan": "17.6.22", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft Visual Studio 2022 version 17.8", "platforms": ["Unknown"], "versions": [{"version": "17.8.0", "lessThan": "17.8.17", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft Visual Studio 2022 version 17.10", "platforms": ["Unknown"], "versions": [{"version": "17.10", "lessThan": "17.10.10", "versionType": "custom", "status": "affected"}]}], "descriptions": [{"value": ".NET Elevation of Privilege Vulnerability", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "CWE-379: Creation of Temporary File in Directory with Insecure Permissions", "lang": "en-US", "type": "CWE", "cweId": "CWE-379"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2025-04-02T13:23:37.565Z"}, "references": [{"name": ".NET Elevation of Privilege Vulnerability", "tags": ["vendor-advisory"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21173"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "HIGH", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-15T19:17:43.370703Z", "id": "CVE-2025-21173", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-15T19:17:54.375Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-05-06T14:27:23.447Z"}, "references": [{"url": "https://www.herodevs.com/vulnerability-directory/cve-2025-21173"}], "title": "CVE Program Container", "x_generator": {"engine": "ADPogram 0.0.1"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.herodevs.com/vulnerability-directory/cve-2025-21173"}], "x_generator": {"engine": "ADPogram 0.0.1"}, "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-05-06T14:27:23.447Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-21173", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-01-15T19:17:43.370703Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-15T19:17:49.548Z"}}], "cna": {"title": ".NET Elevation of Privilege Vulnerability", "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Microsoft", "product": ".NET 8.0", "versions": [{"status": "affected", "version": "8.0.0", "lessThan": "8.0.12", "versionType": "custom"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": ".NET 9.0", "versions": [{"status": "affected", "version": "9.0.0", "lessThan": "9.0.1", "versionType": "custom"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": "Microsoft Visual Studio 2022 version 17.12", "versions": [{"status": "affected", "version": "17.0", "lessThan": "17.12.4", "versionType": "custom"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": "Microsoft Visual Studio 2022 version 17.6", "versions": [{"status": "affected", "version": "17.6.0", "lessThan": "17.6.22", "versionType": "custom"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": "Microsoft Visual Studio 2022 version 17.8", "versions": [{"status": "affected", "version": "17.8.0", "lessThan": "17.8.17", "versionType": "custom"}], "platforms": ["Unknown"]}, {"vendor": "Microsoft", "product": "Microsoft Visual Studio 2022 version 17.10", "versions": [{"status": "affected", "version": "17.10", "lessThan": "17.10.10", "versionType": "custom"}], "platforms": ["Unknown"]}], "datePublic": "2025-01-14T08:00:00.000Z", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21173", "name": ".NET Elevation of Privilege Vulnerability", "tags": ["vendor-advisory"]}], "descriptions": [{"lang": "en-US", "value": ".NET Elevation of Privilege Vulnerability"}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-379", "description": "CWE-379: Creation of Temporary File in Directory with Insecure Permissions"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "8.0.12", "versionStartIncluding": "8.0.0"}, {"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "9.0.1", "versionStartIncluding": "9.0.0"}, {"criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "17.12.4", "versionStartIncluding": "17.0"}, {"criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "17.6.22", "versionStartIncluding": "17.6.0"}, {"criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "17.8.17", "versionStartIncluding": "17.8.0"}, {"criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "17.10.10", "versionStartIncluding": "17.10"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2025-04-02T13:23:37.565Z"}}}, "cveMetadata": {"cveId": "CVE-2025-21173", "state": "PUBLISHED", "dateUpdated": "2025-05-06T14:27:23.447Z", "dateReserved": "2024-12-05T21:43:30.760Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2025-01-14T18:04:02.074Z", "assignerShortName": "microsoft"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "matchCriteriaId": "4C373831-8981-462F-8A57-9C71D1839052", "versionEndExcluding": "17.6.22", "versionStartIncluding": "17.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "matchCriteriaId": "9CA6DD18-569B-449D-82FF-4BE3A57E7150", "versionEndExcluding": "17.8.17", "versionStartIncluding": "17.8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "matchCriteriaId": "EDA7CDF2-DB37-4C34-9D5F-E09B34B83B1A", "versionEndExcluding": "17.10.10", "versionStartIncluding": "17.10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "matchCriteriaId": "4CDB41EA-38E1-4325-8DE7-27E187C1695B", "versionEndExcluding": "17.12.4", "versionStartIncluding": "17.12.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "ECB25C50-5246-435F-B5C6-C4643ADBEC47", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:.net:9.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "5DFE5320-88E8-42C2-BC1C-E402FE71ECBB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": ".NET Elevation of Privilege Vulnerability"}, {"lang": "es", "value": "Vulnerabilidad de elevaci\u00f3n de privilegios en .NET"}], "id": "CVE-2025-21173", "lastModified": "2025-05-06T15:16:00.833", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 5.9, "source": "secure@microsoft.com", "type": "Secondary"}]}, "published": "2025-01-14T18:15:30.480", "references": [{"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21173"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.herodevs.com/vulnerability-directory/cve-2025-21173"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-379"}], "source": "secure@microsoft.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2025:0381", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "dotnet8.0-0:8.0.112-1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-01-16T00:00:00Z"}, {"advisory": "RHSA-2025:0382", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "dotnet9.0-0:9.0.102-1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-01-16T00:00:00Z"}, {"advisory": "RHBA-2025:0304", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "dotnet8.0-0:8.0.112-1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-01-14T00:00:00Z"}, {"advisory": "RHBA-2025:0305", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "dotnet9.0-0:9.0.102-1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-01-14T00:00:00Z"}, {"advisory": "RHSA-2025:0532", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "dotnet8.0-0:8.0.112-1.el9_4", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-01-21T00:00:00Z"}], "bugzilla": {"description": "dotnet: .NET Elevation of Privilege Vulnerability", "id": "2337893", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2337893"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-379", "details": [".NET Elevation of Privilege Vulnerability", "An elevation of privilege vulnerability was found in .NET. This flaw allows an attacker to write a specially crafted file in the security context of the local system."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-21173", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "dotnet6.0", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "dotnet7.0", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-01-14T18:04:02Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-21173\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-21173\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21173"], "statement": "This vulnerability is rated with an Important severity because it allows an attacker to gain elevated privileges in the local system context. By exploiting this, an attacker can bypass standard user permissions, manipulate critical system files, execute arbitrary code, or install malicious software, potentially compromising the entire system.", "threat_severity": "Important"}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object