High severity · NVD Advisory · Published Sep 12, 2023 · Updated Oct 30, 2025

Visual Studio Remote Code Execution Vulnerability

CVE-2023-36792

Description

Visual Studio Remote Code Execution Vulnerability

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

CVE-2023-36792 is a remote code execution vulnerability in Microsoft.DiaSymReader.Native.amd64.dll when reading a corrupted PDB file, affecting .NET on Windows.

Vulnerability Overview

CVE-2023-36792 is a remote code execution vulnerability in the .NET runtime, specifically within the Microsoft.DiaSymReader.Native.amd64.dll component. The bug is triggered when the runtime processes a specially crafted, corrupted Program Database (PDB) file, leading to memory corruption that an attacker can exploit to execute arbitrary code. This vulnerability only affects Windows systems, as it relies on the native amd64 symbol reader [1][2].

Exploitation Prerequisites

An attacker would need to supply a malicious PDB file to a vulnerable .NET application. This could occur by tricking a user into opening a project or debug artifact containing the crafted PDB. No authentication is required if the attacker can deliver the file via a network share, email, or website. Once the runtime attempts to load or parse the malformed PDB, the memory corruption is triggered without additional user interaction beyond file access [1][2].

Impact

Successful exploitation grants the attacker the ability to execute arbitrary code in the context of the target application. This could allow full compromise of the affected system, including data theft, installation of malware, or further lateral movement within an organization's network. The vulnerability carries a CVSS score reflecting high severity due to its remote code execution potential and the lack of mitigating factors identified by Microsoft [1][4].

Mitigation

Microsoft has released patches for .NET 6.0 and 7.0. Users should update to .NET 6.0.22 or .NET 7.0.11 and ensure corresponding NuGet packages (e.g., Microsoft.NETCore.App.Runtime.win-x64) are updated. Visual Studio will prompt for an update if affected SDKs are installed. No workarounds are available; applying the patch is the only remediation [1][2].

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

| Package (NuGet) | Affected versions | Patched versions |
|---|---|---|
| Microsoft.NETCore.App.Runtime.win-arm64 | >= 7.0.0, < 7.0.11 | 7.0.11 |
| Microsoft.NETCore.App.Runtime.win-arm64 | >= 6.0.0, < 6.0.22 | 6.0.22 |
| Microsoft.NETCore.App.Runtime.win-x64 | >= 7.0.0, < 7.0.11 | 7.0.11 |
| Microsoft.NETCore.App.Runtime.win-x64 | >= 6.0.0, < 6.0.22 | 6.0.22 |
| Microsoft.NETCore.App.Runtime.win-x86 | >= 6.0.0, < 6.0.22 | 6.0.22 |
| Microsoft.NETCore.App.Runtime.win-x86 | >= 7.0.0, < 7.0.11 | 7.0.11 |
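
To check a host against the ranges in the table above, the following added example (not part of the advisory or of any Microsoft tooling) parses the output of `dotnet --list-runtimes` and lists installed runtimes that are still in an affected range. It assumes the Microsoft.NETCore.App.Runtime.win-* packages appear in that output as the shared framework Microsoft.NETCore.App; the sample output is constructed.

```python
import re

# (first affected, first patched) pairs from the affected-packages table.
AFFECTED_RANGES = [((6, 0, 0), (6, 0, 22)), ((7, 0, 0), (7, 0, 11))]

# Assumption: the Microsoft.NETCore.App.Runtime.win-* packages surface in
# `dotnet --list-runtimes` as the shared framework "Microsoft.NETCore.App".
FRAMEWORK = "Microsoft.NETCore.App"

# One line looks like: <name> <major.minor.patch>[-prerelease] [<install dir>]
LINE_RE = re.compile(r"^(\S+)\s+(\d+)\.(\d+)\.(\d+)(-\S+)?\s+\[(.+)\]$")

def parse_runtimes(text):
    """Return (name, (major, minor, patch), raw_version, path) per valid line."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # blank or unrecognised line: skip rather than guess
        name, major, minor, patch, pre, path = m.groups()
        raw = f"{major}.{minor}.{patch}{pre or ''}"
        rows.append((name, (int(major), int(minor), int(patch)), raw, path))
    return rows

def is_affected(version):
    """True when version falls in one of the advisory's half-open ranges.
    Prerelease suffixes are ignored, so e.g. 7.0.0-rc builds are flagged too."""
    return any(low <= version < fixed for low, fixed in AFFECTED_RANGES)

def find_affected(text):
    """Raw version strings of installed FRAMEWORK runtimes still in range."""
    return [raw for name, ver, raw, _ in parse_runtimes(text)
            if name == FRAMEWORK and is_affected(ver)]

# Constructed sample of `dotnet --list-runtimes` output (not from a real host).
SAMPLE = r"""
Microsoft.AspNetCore.App 6.0.21 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App]
Microsoft.NETCore.App 6.0.21 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
Microsoft.NETCore.App 6.0.22 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
Microsoft.NETCore.App 7.0.9 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
Microsoft.NETCore.App 8.0.0-rc.1.23419.4 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
Microsoft.WindowsDesktop.App 7.0.11 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App]
"""

if __name__ == "__main__":
    for v in find_affected(SAMPLE):
        print(f"{FRAMEWORK} {v}: update to the patched release")
```

On a real host, pass the captured output of `dotnet --list-runtimes` to `find_affected` in place of `SAMPLE`.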

Affected products

26
  • osv-coords (5 versions)
    • (no CPE) range: >= 6.0.0, < 6.0.1
    • (no CPE) range: >= 6.0.0, < 6.0.1
    • (no CPE) range: >= 7.0.0, < 7.0.11
    • (no CPE) range: >= 7.0.0, < 7.0.11
    • (no CPE) range: >= 6.0.0, < 6.0.22
  • Microsoft/Microsoft .NET Framework 2.0 Service Pack 2 (v5)
    Range: 2.0.0
  • Microsoft/Microsoft .NET Framework 3.0 Service Pack 2 (v5)
    Range: 3.0.0
  • Microsoft/Microsoft .NET Framework 3.5 (v5)
    Range: 3.5.0
  • Microsoft/Microsoft .NET Framework 3.5.1 (v5)
    Range: 3.5.0
  • Microsoft/Microsoft .NET Framework 3.5 and 4.6.2 (v5)
    Range: 4.7.0
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 (v5)
    Range: 3.0.0.0
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.7.2 (v5)
    Range: 4.7.0
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.8 (v5)
    Range: 4.8.0
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.8.1 (v5)
    Range: 4.8.1
  • Microsoft/Microsoft .NET Framework 4.6.2 (v5)
    Range: 4.7.0
  • Microsoft/Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 (v5)
    Range: 4.7.0
  • Microsoft/Microsoft .NET Framework 4.8 (v5)
    Range: 4.8.0
  • Microsoft/Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) (v5)
    Range: 15.9.0
  • Microsoft/Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) (v5)
    Range: 16.11.0
  • Microsoft/Microsoft Visual Studio 2022 version 17.2 (v5)
    Range: 17.2.0
  • Microsoft/Microsoft Visual Studio 2022 version 17.4 (v5)
    Range: 17.4.0
  • Microsoft/Microsoft Visual Studio 2022 version 17.6 (v5)
    Range: 17.6.0
  • Microsoft/Microsoft Visual Studio 2022 version 17.7 (v5)
    Range: 17.7.0
  • Microsoft/.NET 6.0 (v5)
    Range: 6.0.0
  • Microsoft/.NET 7.0 (v5)
    Range: 7.0.0
  • Microsoft/PowerShell 7.2 (v5)
    Range: 7.2.0
    Range: 7.2.0


References

5
