Unrated severityNVD Advisory· Published Jul 8, 2025· Updated Feb 26, 2026
Visual Studio Elevation of Privilege Vulnerability
CVE-2025-49739
Description
Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a network.
Affected products
8- Microsoft/Microsoft Visual Studio 2015 Update 3v5Range: 14.0.0
- Microsoft/Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)v5Range: 15.9.0
- Microsoft/Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)v5Range: 16.11.0
- Microsoft/Microsoft Visual Studio 2022 version 17.10v5Range: 17.10.0
- Microsoft/Microsoft Visual Studio 2022 version 17.12v5Range: 17.12.0
- Microsoft/Microsoft Visual Studio 2022 version 17.14v5Range: 17.14.0
- Microsoft/Microsoft Visual Studio 2022 version 17.8v5Range: 17.8.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49739mitrevendor-advisorypatch
News mentions
0No linked articles in our index yet.