CVE-2023-33126

# Microsoft Security Advisory CVE-2023-33126: .NET Remote Code Execution Vulnerability ## <a name="executive-summary"></a>Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in .NET during crash and stack trace scenarios that could lead to loading arbitrary binaries. ## Announcement Announcement for this issue can be found at https://github.com/dotnet/announcements/issues/254 ### <a name="mitigation-factors"></a>Mitigation factors Microsoft has not identified any mitigating factors for this vulnerability. ## <a name="affected-software"></a>Affected software * Any .NET 7.0.1xx SDK 7.0.106 or earlier. * Any .NET 7.0.3xx SDK 7.0.303 or earlier. * Any .NET 6.0.1xx SDK 6.0.117 or earlier. * Any .NET 6.0.3xx SDK 6.0.312 or earlier. If your application uses t...