9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
AI Score
Confidence
Low
0.922 High
EPSS
Percentile
99.0%
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information, gain privileges, execute arbitrary code, cause denial of service.
Below is a complete list of vulnerabilities:
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2023-24910 critical
CVE-2023-23398 high
CVE-2023-23391 high
CVE-2023-24923 high
CVE-2023-24882 high
CVE-2023-23397 critical
CVE-2023-24930 critical
CVE-2023-23395 warning
CVE-2023-23399 critical
CVE-2023-23396 high
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update component usually can be accessed from the Control Panel) and updates from the Update Options section, that are listed in your Office Account (Office Account tab usually can be accessed from the File menu)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
support.microsoft.com/kb/5002168
support.microsoft.com/kb/5002197
support.microsoft.com/kb/5002198
support.microsoft.com/kb/5002254
support.microsoft.com/kb/5002265
support.microsoft.com/kb/5002348
support.microsoft.com/kb/5002351
support.microsoft.com/kb/5002355
support.microsoft.com/kb/5002356
support.microsoft.com/kb/5002358
support.microsoft.com/kb/5002362
support.microsoft.com/kb/5002366
support.microsoft.com/kb/5002367
support.microsoft.com/kb/5002368
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23391
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23395
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23396
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23397
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23398
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23399
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24882
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24910
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24923
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24930
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Excel/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-Outlook/
threats.kaspersky.com/en/product/Microsoft-SharePoint/
threats.kaspersky.com/en/product/OneDrive/
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
AI Score
Confidence
Low
0.922 High
EPSS
Percentile
99.0%