{"id":234335,"date":"2026-04-22T05:29:00","date_gmt":"2026-04-22T09:29:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/04\/22\/microsoft-patches-critical-asp-net-core-cve-2026-40372-privilege-escalation-bug\/"},"modified":"2026-04-22T10:45:12","modified_gmt":"2026-04-22T14:45:12","slug":"microsoft-patches-critical-asp-net-core-cve-2026-40372-privilege-escalation-bug","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/04\/22\/microsoft-patches-critical-asp-net-core-cve-2026-40372-privilege-escalation-bug\/","title":{"rendered":"Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug"},"content":{"rendered":"<p><a href=\"https:\/\/thehackernews.com\/2026\/04\/microsoft-patches-critical-aspnet-core.html\">Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug<\/a><\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/04\/microsoft-patches-critical-aspnet-core.html\">https:\/\/thehackernews.com\/2026\/04\/microsoft-patches-critical-aspnet-core.html<\/a><\/p>\n<p>Publish Date: 2026-04-22 05:29:00<\/p>\n<p>Source Domain: thehackernews.com<\/p>\n<p><span class=\"p-author\"><span class=\"author\">Ravie Lakshmanan<\/span>, <span class=\"author\">Apr 22, 2026<\/span><\/span> <span class=\"p-tags\">Vulnerability \/ Cryptography<\/span><\/p>\n<p>Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges.<\/p>\n<p>The vulnerability, tracked as <strong>CVE-2026-40372<\/strong>, carries a CVSS score of 9.1 out of 10.0. It&#8217;s rated Important in severity. 
An anonymous researcher has been credited with discovering and reporting the flaw.<\/p>\n<p>&#8220;Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network,&#8221; Microsoft said in a Tuesday advisory. &#8220;An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.&#8221;<\/p>\n<p>The tech giant said an attacker could abuse the vulnerability to disclose files and modify data, but emphasized that successful exploitation hinges on three prerequisites &#8211;<\/p>\n<ul>\n<li>The application uses Microsoft.AspNetCore.DataProtection 10.0.6 from NuGet (either directly or through a package that depends on it, such as Microsoft.AspNetCore.DataProtection.StackExchangeRedis).<\/li>\n<li>The NuGet copy of the library was actually loaded at runtime.<\/li>\n<li>The application runs on Linux, macOS, or another non-Windows operating system.<\/li>\n<\/ul>\n<p>The vulnerability has been addressed by Microsoft in ASP.NET Core version 10.0.7.<\/p>\n<p>&#8220;A regression in the Microsoft.AspNetCore.DataProtection 10.0.0-10.0.6 NuGet packages causes the managed authenticated encryptor to compute its HMAC validation tag over the wrong bytes of the payload and then discard the computed hash in some cases,&#8221; Microsoft explained in its release notes.<\/p>\n<p>In such scenarios, an attacker could forge payloads that pass DataProtection&#8217;s authenticity checks, as well as decrypt previously-protected payloads in authentication cookies, antiforgery tokens, and others.<\/p>\n<p>&#8220;If an attacker used forged payloads to authenticate as a privileged user during the vulnerable window, they may have induced the application to issue legitimately-signed tokens (session refresh, API key, password reset&#8230;<\/p>\n<p><a 
href=\"https:\/\/thehackernews.com\/2026\/04\/microsoft-patches-critical-aspnet-core.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug https:\/\/thehackernews.com\/2026\/04\/microsoft-patches-critical-aspnet-core.html Publish Date: 2026-04-22 05:29:00 Source&#8230;<\/p>\n","protected":false},"author":1,"featured_media":234336,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiYMuDYXH3vQ6ycJCKfikptBR0jdQdnf-s36gDb0LYx3gvMwQOQLrt072KY5GZ0T2GRhyphenhyphenrfIg5qcCqjE0J_PtKQ1P409j_veWwKYoGsGssQcTotxI2-Dl8akDSyPif_j4LgFL3kWI6pvWKX5QBjsnIZIHdFzlAIRgxspuS4W0Ywe-Z63zmIyL7X39CG_3Ng\/s1600\/dotnet.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[27],"class_list":["post-234335","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/234335"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=234335"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/234335\/revisions"}],"predecessor-version":[{"id":234337,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/234335\/revisions\/234337"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/234336"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/i
ndex.php\/wp-json\/wp\/v2\/media?parent=234335"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=234335"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=234335"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
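The article lists three prerequisites for CVE-2026-40372 (the NuGet copy of Microsoft.AspNetCore.DataProtection 10.0.0-10.0.6 is referenced, that copy is the one actually loaded, and the host is not Windows) and describes the failure mode (the managed authenticated encryptor mis-computes and then discards its HMAC tag, so forged payloads pass). The following is an added example, not Microsoft's code and not from The Hacker News, that checks those prerequisites inside the running process and then tamper-tests whichever encryptor is actually loaded. It assumes a .NET 10 console or worker app that references Microsoft.AspNetCore.DataProtection and Microsoft.Extensions.DependencyInjection; the class name, key directory, and purpose string are placeholders, and the 10.0.0-10.0.6 range is taken from the release note quoted above.

```csharp
// Added example (not Microsoft's or the article's code): checks the CVE-2026-40372
// prerequisites in-process and tamper-tests the loaded DataProtection encryptor.
// Assumes Microsoft.AspNetCore.DataProtection and Microsoft.Extensions.DependencyInjection
// are referenced; the key directory and purpose string below are placeholders.
using System;
using System.IO;
using System.Reflection;
using System.Security.Cryptography;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.Extensions.DependencyInjection;

public static class DataProtectionExposureCheck
{
    // First fixed package version, per the release notes quoted in the article.
    private static readonly Version FirstFixed = new(10, 0, 7);

    public static bool IsExposed()
    {
        // DataProtectionOptions is defined in the Microsoft.AspNetCore.DataProtection
        // assembly, so this is the copy the authenticated encryptor will come from.
        Assembly asm = typeof(DataProtectionOptions).Assembly;

        // Prerequisite 2: the NuGet copy is resolved from the app directory; the shared
        // framework copy lives under dotnet/shared/Microsoft.AspNetCore.App/<version>/.
        // Location is empty for single-file or trimmed publishes; inspect the bundle there.
        string location = asm.Location;
        bool nugetCopyLoaded = location.Length > 0
            && location.StartsWith(AppContext.BaseDirectory, StringComparison.OrdinalIgnoreCase);

        // Prerequisite 1: package version 10.0.0-10.0.6. AssemblyVersion stays 10.0.0.0 across
        // patch releases, so read the informational version ("10.0.6+<commit>") instead.
        string info = asm.GetCustomAttribute<AssemblyInformationalVersionAttribute>()
            ?.InformationalVersion ?? string.Empty;
        bool inVulnerableRange = Version.TryParse(info.Split('+', '-')[0], out Version? pkg)
            && pkg.Major == 10 && pkg.Minor == 0 && pkg < FirstFixed;

        // Prerequisite 3: only non-Windows hosts use the managed encryptor (Windows uses CNG).
        bool nonWindows = !OperatingSystem.IsWindows();

        Console.WriteLine($"assembly: {(location.Length > 0 ? location : "<bundled>")}");
        Console.WriteLine($"version: {info}  nuget-copy: {nugetCopyLoaded}  non-windows: {nonWindows}");
        return nugetCopyLoaded && inVulnerableRange && nonWindows;
    }

    // Protect a payload, flip one byte inside the authenticated body and the final byte
    // (part of the HMAC tag), and require that Unprotect rejects both. A correct encryptor
    // throws on both; the regression only misbehaves "in some cases", so two rejections do
    // not prove the fix is present, but a single acceptance is conclusive.
    public static bool TamperedPayloadsRejected()
    {
        var keyDir = new DirectoryInfo(Path.Combine(Path.GetTempPath(), "dp-selftest-keys")); // placeholder
        var services = new ServiceCollection();
        services.AddDataProtection().PersistKeysToFileSystem(keyDir);
        IDataProtector protector = services.BuildServiceProvider()
            .GetRequiredService<IDataProtectionProvider>()
            .CreateProtector("CVE-2026-40372.selftest"); // placeholder purpose string

        byte[] protectedBytes = protector.Protect(new byte[] { 1, 2, 3, 4 }); // constructed sample
        bool allRejected = true;
        foreach (int idx in new[] { protectedBytes.Length / 2, protectedBytes.Length - 1 })
        {
            byte[] tampered = (byte[])protectedBytes.Clone();
            tampered[idx] ^= 0x01;
            try
            {
                protector.Unprotect(tampered);
                Console.WriteLine($"FAIL: payload with byte {idx} flipped was accepted");
                allRejected = false;
            }
            catch (CryptographicException)
            {
                Console.WriteLine($"ok: payload with byte {idx} flipped was rejected");
            }
        }
        return allRejected;
    }

    public static void Main()
    {
        bool exposed = IsExposed();
        bool rejects = TamperedPayloadsRejected();
        Console.WriteLine(exposed && !rejects
            ? "VULNERABLE: forged payload accepted; upgrade to 10.0.7 or later"
            : exposed ? "all prerequisites met; upgrade to 10.0.7 or later"
            : "prerequisites not all met");
    }
}
```

Run it on the same host and in the same publish layout as the production app, because the answer to "which copy was loaded" depends on whether the app-local assembly outranks the shared framework's at startup; a passing tamper test on a Windows developer machine says nothing about a Linux container, since Windows never uses the managed encryptor. For transitive references such as Microsoft.AspNetCore.DataProtection.StackExchangeRedis, `dotnet list package --include-transitive` shows the resolved DataProtection version, but only the runtime check above confirms it was the copy actually loaded.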