CVE Record: CVE-2024-43488

Required CVE Record Information

Description

Missing authentication for critical function in Visual Studio Code extension for Arduino allows an unauthenticated attacker to perform remote code execution through network attack vector.

CWE 1 Total

Learn more

CWE-306: CWE-306: Missing Authentication for Critical Function

CVSS 1 Total

Learn more

Score	Severity	Version	Vector String
8.8	HIGH	3.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Product Status

Learn more

Versions 1 Total

Default Status: unknown

affected

References 1 Total

msrc.microsoft.com: Visual Studio Code extension for Arduino Remote Code Execution Vulnerability
external site
vendor-advisory

Authorized Data Publishers

Learn more

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: Microsoft Corporation

Description

CWE 1 Total

CVSS 1 Total

Product Status

References 1 Total

Authorized Data Publishers

CISA-ADP