Actively exploited in the wild
Microsoft .NET Core and Visual Studio Denial-of-Service Vulnerability
Microsoft — .NET Core and Visual Studio · Listed in the CISA KEV since 2023-08-09. This indicates confirmed attacks in production environments.
Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
CVE-2023-38180
HighCVSS 7.5KEVExploitation Probability (EPSS)
Very high risk96th percentile — higher than 96% of all known CVEs
Summary
A vulnerability in .NET and Visual Studio allows for a Denial of Service (DoS) attack, potentially leading to application or service unavailability. An attacker can exploit this flaw to disrupt system operations.
Risk Assessment
Organizations may experience downtime in critical applications, leading to revenue loss and diminished customer trust. High availability of services is crucial for business operations.
Recommendation
It is recommended to update .NET and Visual Studio to the latest versions that include security patches. Monitoring systems for unusual traffic patterns can also help in detecting attack attempts.
Original NVD description (English source)
.NET and Visual Studio Denial of Service Vulnerability

