Uncontrolled search path element in Visual Studio Tools for Applications and SQL Server Management Studio allows an authorized attacker to elevate privileges locally.
References
| Link | Resource |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29803 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
10 Jul 2025, 14:53
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Microsoft visual Studio Tools For Applications 2019 Sdk
Microsoft visual Studio Tools For Applications 2022 Sdk Microsoft sql Server Management Studio Microsoft visual Studio Tools For Applications 2022 Microsoft Microsoft visual Studio Tools For Applications 2019 |
|
| References | () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29803 - Vendor Advisory | |
| CPE | cpe:2.3:a:microsoft:visual_studio_tools_for_applications_2019_sdk:*:*:*:*:*:*:*:* cpe:2.3:a:microsoft:visual_studio_tools_for_applications_2022_sdk:*:*:*:*:*:*:*:* cpe:2.3:a:microsoft:visual_studio_tools_for_applications_2019:*:*:*:*:*:*:*:* cpe:2.3:a:microsoft:visual_studio_tools_for_applications_2022:*:*:*:*:*:*:*:* cpe:2.3:a:microsoft:sql_server_management_studio:*:*:*:*:*:*:*:* |
12 Apr 2025, 02:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-04-12 02:15
Updated : 2025-07-10 14:53
NVD link : CVE-2025-29803
Mitre link : CVE-2025-29803
JSON object : View
Products Affected
microsoft
- visual_studio_tools_for_applications_2019_sdk
- visual_studio_tools_for_applications_2022_sdk
- visual_studio_tools_for_applications_2022
- sql_server_management_studio
- visual_studio_tools_for_applications_2019
CWE
CWE-427
Uncontrolled Search Path Element