Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA48560
HistoryMar 14, 2023 - 12:00 a.m.

KLA48560 Multiple vulnerabilities in Microsoft Office

2023-03-1400:00:00
Kaspersky Lab
threats.kaspersky.com
95
microsoft office
vulnerabilities
spoofing
information disclosure
privilege escalation
remote code execution
denial of service
excel
office for android
onedrive
outlook
macos
windows graphics component
sharepoint server
cve-2023-23398
cve-2023-23391
cve-2023-24923
cve-2023-24882
cve-2023-23397
cve-2023-24930
cve-2023-24910
cve-2023-23395
cve-2023-23399
cve-2023-23396
malware
exploit
microsoft-office
microsoft-outlook
microsoft-excel
microsoft-sharepoint
onedrive.

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

Low

0.922 High

EPSS

Percentile

99.0%

JSON

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information, gain privileges, execute arbitrary code, cause denial of service.

Below is a complete list of vulnerabilities:

  1. A spoofing vulnerability in Microsoft Excel can be exploited remotely to spoof user interface.
  2. A spoofing vulnerability in Office for Android can be exploited remotely to spoof user interface.
  3. An information disclosure vulnerability in Microsoft OneDrive for Android can be exploited remotely to obtain sensitive information.
  4. An elevation of privilege vulnerability in Microsoft Outlook can be exploited remotely to gain privileges.
  5. An elevation of privilege vulnerability in Microsoft OneDrive for MacOS can be exploited remotely to gain privileges.
  6. An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
  7. A spoofing vulnerability in Microsoft SharePoint Server can be exploited remotely to spoof user interface.
  8. A remote code execution vulnerability in Microsoft Excel can be exploited remotely to execute arbitrary code.
  9. A denial of service vulnerability in Microsoft Excel can be exploited remotely to cause denial of service.

Original advisories

CVE-2023-23398

CVE-2023-23391

CVE-2023-24923

CVE-2023-24882

CVE-2023-23397

CVE-2023-24930

CVE-2023-24910

CVE-2023-23395

CVE-2023-23399

CVE-2023-23396

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-Office

Microsoft-Outlook

Microsoft-Excel

Microsoft-SharePoint

OneDrive

CVE list

CVE-2023-24910 critical

CVE-2023-23398 high

CVE-2023-23391 high

CVE-2023-24923 high

CVE-2023-24882 high

CVE-2023-23397 critical

CVE-2023-24930 critical

CVE-2023-23395 warning

CVE-2023-23399 critical

CVE-2023-23396 high

KB list

5002254

5002356

5002197

5002358

5002351

5002265

5002367

5002368

5002198

5002355

5002362

5002366

5002168

5002348

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update component usually can be accessed from the Control Panel) and updates from the Update Options section, that are listed in your Office Account (Office Account tab usually can be accessed from the File menu)

Install Office updates

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

  • OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

  • PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

  • SUI

Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.

Affected Products

  • Microsoft Excel 2013 Service Pack 1 (32-bit editions)Microsoft 365 Apps for Enterprise for 64-bit SystemsMicrosoft Excel 2016 (64-bit edition)Microsoft SharePoint Server 2019Microsoft Office 2019 for 32-bit editionsMicrosoft Outlook 2013 Service Pack 1 (32-bit editions)Microsoft Outlook 2013 RT Service Pack 1Microsoft Outlook 2016 (32-bit edition)Microsoft Office Online ServerMicrosoft Office 2013 Service Pack 1 (32-bit editions)Microsoft Office 2016 (64-bit edition)Microsoft Office for UniversalMicrosoft SharePoint Foundation 2013 Service Pack 1Microsoft Outlook 2013 Service Pack 1 (64-bit editions)Microsoft SharePoint Server Subscription EditionMicrosoft Office Web Apps Server 2013 Service Pack 1Microsoft Outlook 2016 (64-bit edition)Microsoft Office 2013 Service Pack 1 (64-bit editions)Microsoft Office LTSC for Mac 2021Microsoft SharePoint Enterprise Server 2016Microsoft Excel 2013 RT Service Pack 1OneDrive for MacOS InstallerMicrosoft Office LTSC 2021 for 32-bit editionsMicrosoft Office 2019 for 64-bit editionsMicrosoft Excel 2016 (32-bit edition)Microsoft Office for AndroidOneDrive for AndroidMicrosoft Office 2013 RT Service Pack 1Microsoft Office LTSC 2021 for 64-bit editionsMicrosoft SharePoint Enterprise Server 2013 Service Pack 1Microsoft Office 2019 for MacMicrosoft 365 Apps for Enterprise for 32-bit SystemsMicrosoft Excel 2013 Service Pack 1 (64-bit editions)Microsoft Office 2016 (32-bit edition)

References

Related

openvas 13
nessus 24
mskb 29
thn 18
cnvd 3
cvelist 10
prion 10
cve 10
packetstorm 2
zdt 2
mscve 12
alpinelinux 2
nvd 10
githubexploit 23
attackerkb 1
talosblog 4
mmpc 1
mssecure 1
vulnrichment 1
cisa_kev 1
trendmicroblog 1
exploitdb 1
msrc 2
securelist 3
krebs 3
malwarebytes 2
avleonov 1
trellix 4
qualysblog 3
rapid7blog 1
kaspersky 1
openvas
openvas
Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Mar 2023)
2023-03-15 00:00:00
Microsoft Excel 2016 Multiple Vulnerabilities (KB5002351)
2023-03-15 00:00:00
Microsoft Excel 2013 Service Pack 1 Multiple Vulnerabilities (KB5002348)
2023-03-15 00:00:00
nessus
nessus
Security Updates for Microsoft Office Web Apps (March 2023)
2023-03-14 00:00:00
Security Updates for Microsoft Excel Products (March 2023)
2023-03-14 00:00:00
Security Updates for Microsoft Office Products (Mar 2023) (macOS)
2023-03-16 00:00:00
mskb
mskb
Description of the security update for Office Online Server: March 14, 2023 (KB5002356)
2023-03-14 07:00:00
Description of the security update for Office Web Apps Server 2013: March 14, 2023 (KB5002362)
2023-03-14 07:00:00
Description of the security update for Excel 2016: March 14, 2023 (KB5002351)
2023-03-14 07:00:00
thn
thn
Microsoft Rolls Out Patches for 80 New Security Flaws — Two Under Active Attack
2023-03-15 05:26:00
APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme
2024-03-18 05:59:00
CERT-UA Uncovers New Malware Wave Distributing OCEANMAP, MASEPIE, STEELHOOK
2023-12-29 10:41:00
cnvd
cnvd
Microsoft Excel Denial of Service Vulnerability (CNVD-2023-80166)
2023-03-16 00:00:00
Microsoft Excel Code Execution Vulnerability (CNVD-2023-53911)
2023-03-16 00:00:00
Microsoft SharePoint Server Spoofing Vulnerability (CNVD-2023-72200)
2023-03-16 00:00:00
cvelist
cvelist
CVE-2023-24923 Microsoft OneDrive for Android Information Disclosure Vulnerability
2023-03-14 16:55:33
CVE-2023-23398 Microsoft Excel Spoofing Vulnerability
2023-03-14 16:55:28
CVE-2023-23396 Microsoft Excel Denial of Service Vulnerability
2023-03-14 16:55:27
prion
prion
Spoofing
2023-03-14 17:15:00
Information disclosure
2023-03-14 17:15:00
Spoofing
2023-03-14 17:15:00
cve
cve
CVE-2023-23396
2023-03-14 17:15:13
CVE-2023-23391
2023-03-14 17:15:12
CVE-2023-23398
2023-03-14 17:15:13
packetstorm
packetstorm
Microsoft Excel Spoofing
2023-04-06 00:00:00
Microsoft Excel 365 MSO 2302 Build 16.0.16130.20186 Remote Code Execution
2023-04-10 00:00:00
zdt
zdt
Microsoft Excel Spoofing Vulnerability
2023-04-06 00:00:00
Microsoft Excel 365 MSO (v 2302 Build 16.0.16130.20186) 64-bit - Remote Code Execution Vulnerability
2023-04-08 00:00:00
mscve
mscve
Microsoft Excel Spoofing Vulnerability
2023-03-14 07:00:00
Microsoft OneDrive for Android Information Disclosure Vulnerability
2023-03-14 07:00:00
Microsoft OneDrive for MacOS Elevation of Privilege Vulnerability
2023-03-14 07:00:00
alpinelinux
alpinelinux
CVE-2023-24923
2023-03-14 17:15:19
CVE-2023-24882
2023-03-14 17:15:17
nvd
nvd
CVE-2023-24923
2023-03-14 17:15:19
CVE-2023-23396
2023-03-14 17:15:13
CVE-2023-23398
2023-03-14 17:15:13
githubexploit
githubexploit
Exploit for Uncontrolled Resource Consumption in Microsoft
2023-03-16 17:28:27
Exploit for Authentication Bypass by Capture-replay in Microsoft
2023-03-15 17:03:38
Exploit for Authentication Bypass by Capture-replay in Microsoft
2023-03-18 21:44:46
attackerkb
attackerkb
CVE-2023-23397
2023-03-14 00:00:00
talosblog
talosblog
Threat Source newsletter (March 23, 2023) — Meta is threatening to ban news sharing in Canada. Good.
2023-03-23 18:00:16
Threat Advisory: Microsoft Outlook privilege escalation vulnerability being exploited in the wild
2023-03-15 23:46:33
Threat Source newsletter (March 16, 2023) — A deep dive into Talos' work in Ukraine
2023-03-16 18:00:15
mmpc
mmpc
Guidance for investigating attacks using CVE-2023-23397
2023-03-24 18:30:00
mssecure
mssecure
Guidance for investigating attacks using CVE-2023-23397
2023-03-24 18:30:00
vulnrichment
vulnrichment
CVE-2023-24910 Windows Graphics Component Elevation of Privilege Vulnerability
2023-03-14 16:55:55
cisa_kev
cisa_kev
Microsoft Office Outlook Privilege Escalation Vulnerability
2023-03-14 00:00:00
trendmicroblog
trendmicroblog
Patch CVE-2023-23397 Immediately: What You Need To Know and Do
2023-03-21 00:00:00
exploitdb
exploitdb
Microsoft Excel 365 MSO (Version 2302 Build 16.0.16130.20186) 64-bit - Remote Code Execution (RCE)
2023-04-08 00:00:00
msrc
msrc
Microsoft Mitigates Outlook Elevation of Privilege Vulnerability
2023-03-14 13:00:00
Microsoft Mitigates Outlook Elevation of Privilege Vulnerability
2023-03-14 13:00:00
securelist
securelist
Comprehensive analysis of initial attack samples exploiting CVE-2023-23397 vulnerability
2023-07-19 12:00:41
IT threat evolution Q3 2023
2023-12-01 10:00:09
IT threat evolution in Q1 2023. Non-mobile statistics
2023-06-07 08:00:18
krebs
krebs
Microsoft Patch Tuesday, March 2023 Edition
2023-03-15 15:19:32
Microsoft Patch Tuesday, December 2023 Edition
2023-12-12 22:21:00
Fat Patch Tuesday, February 2024 Edition
2024-02-13 22:28:48
malwarebytes
malwarebytes
How Outlook notification sounds can lead to zero-click exploits
2023-12-21 21:28:01
Update now! Microsoft fixes two zero-day bugs
2023-03-15 01:00:00
avleonov
avleonov
Microsoft Patch Tuesday March 2023: Outlook EoP, MOTW Bypass, Excel DoS, HTTP/3 RCE, ICMP RCE, RPC RCE
2023-03-27 00:25:37
trellix
trellix
CVE-2023-23397: The Notification Sound You Don’t Want to Hear
2023-03-17 00:00:00
CVE-2023-23397: The Notification Sound You Don’t Want to Hear
2023-03-17 00:00:00
The Bug Report - March 2023 Edition
2023-04-05 00:00:00
qualysblog
qualysblog
The March 2023 Patch Tuesday Security Update Review
2023-03-15 00:08:07
Qualys Survey of Top 10 Exploited Vulnerabilities in 2023
2023-09-26 13:04:00
2023 Threat Landscape Year in Review: If Everything Is Critical, Nothing Is
2023-12-19 15:00:00
rapid7blog
rapid7blog
Patch Tuesday - March 2023
2023-03-14 23:46:44
kaspersky
kaspersky
KLA48554 Multiple vulnerabilities in Microsoft Products (ESU)
2023-03-14 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

Low

0.922 High

EPSS

Percentile

99.0%

JSON
Related for KLA48560
openvas13nessus24mskb29thn18cnvd3cvelist10prion10cve10packetstorm2zdt2mscve12alpinelinux2nvd10githubexploit23attackerkb1talosblog4mmpc1mssecure1vulnrichment1cisa_kev1trendmicroblog1exploitdb1msrc2securelist3krebs3malwarebytes2avleonov1trellix4qualysblog3rapid7blog1kaspersky1