A vulnerability in the.NET Core library allows malicious programs to be launched while evading detection by security software. A fix is not currently available and could let attackers execute malicious code on a system without being readily detected by antivirus and EDR products. The vulnerability is caused by a Path Traversal bug in Microsoft s.NET Core that allows malicious garbage collection DLLs to be loaded by users with low. privileges. The bug affects the latest stable release (3.1.x versions) of the.NET.
Source: https://www.bleepingcomputer.com/news/security/net-core-vulnerability-lets-attackers-evade-malware-detection/