The US Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched zero-day vulnerability affecting Microsoft’s .NET and Visual Studio products to its Known Exploited Vulnerabilities Catalog. The vulnerability, identified as CVE-2023-38180, was addressed by Microsoft in its August 2023 Patch Tuesday updates. The flaw could be exploited for denial-of-service (DoS) attacks, and Microsoft noted that it is aware of malicious exploitation. CISA has categorized it as an ‘important’ severity issue and has instructed government organizations to apply patches or mitigations by August 30.

Read more: https://www.securityweek.com/cisa-warns-organizations-of-exploited-vulnerability-in-net-visual-studio/