{"uuid": "f38f7a35-d60d-45ef-99e4-1cfc1e1b545f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29813", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15631", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29813\n\ud83d\udd25 CVSS Score: 10 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C)\n\ud83d\udd39 Description: An elevation of privilege vulnerability exists when Visual Studio improperly handles pipeline job tokens. An attacker who successfully exploited this vulnerability could extend their access to a project.\nTo exploit this vulnerability, an attacker would first have to have access to the project and swap the short-term token for a long-term one.\nThe update addresses the vulnerability by correcting how the Visual Studio updater handles these tokens.\n\ud83d\udccf Published: 2025-05-08T22:17:26.036Z\n\ud83d\udccf Modified: 2025-05-08T22:17:26.036Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29813", "creation_timestamp": "2025-05-08T22:25:00.000000Z"}