VYPR
High severityNVD Advisory· Published Oct 14, 2025· Updated Feb 22, 2026

.NET Elevation of Privilege Vulnerability

CVE-2025-55247

Description

Improper link resolution before file access ('link following') in .NET allows an authorized attacker to elevate privileges locally.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
Microsoft.Build.Tasks.CoreNuGet
>= 17.15.0-preview-25277-114, < 18.0.0-preview-25476-10718.0.0-preview-25476-107
Microsoft.Build.Tasks.CoreNuGet
>= 17.14.0, < 17.14.2817.14.28
Microsoft.Build.Tasks.CoreNuGet
>= 17.12.0, < 17.12.5017.12.50
Microsoft.Build.Tasks.CoreNuGet
>= 17.11.0, < 17.11.4817.11.48
Microsoft.Build.Tasks.CoreNuGet
>= 17.10.0, < 17.10.4617.10.46
Microsoft.Build.Tasks.CoreNuGet
>= 17.8.0, < 17.8.4317.8.43
Microsoft.BuildNuGet
>= 17.15.0-preview-25277-114, < 18.0.0-preview-25476-10718.0.0-preview-25476-107
Microsoft.BuildNuGet
>= 17.14.0, < 17.14.2817.14.28
Microsoft.BuildNuGet
>= 17.12.0, < 17.12.5017.12.50
Microsoft.BuildNuGet
>= 17.11.0, < 17.11.4817.11.48
Microsoft.BuildNuGet
>= 17.10.0, < 17.10.4617.10.46
Microsoft.BuildNuGet
>= 17.8.0, < 17.8.4317.8.43
Microsoft.Build.Utilities.CoreNuGet
>= 17.15.0-preview-25277-114, < 18.0.0-preview-25476-10718.0.0-preview-25476-107
Microsoft.Build.Utilities.CoreNuGet
>= 17.14.0, < 17.14.2817.14.28
Microsoft.Build.Utilities.CoreNuGet
>= 17.12.0, < 17.12.5017.12.50
Microsoft.Build.Utilities.CoreNuGet
>= 17.11.0, < 17.11.4817.11.48
Microsoft.Build.Utilities.CoreNuGet
>= 17.10.0, < 17.10.4617.10.46
Microsoft.Build.Utilities.CoreNuGet
>= 17.8.0, < 17.8.4317.8.43

Affected products

35

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.