Kaspersky LabKLA20156KLA20156 Multiple vulnerabilities in Microsoft Apps
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
53.5%
Detect date:
01/10/2023
Severity:
High
Description:
Remote code execution vulnerabilities were found in Microsoft Apps. Malicious users can exploit these vulnerabilities to execute arbitrary code.
Affected products:
3D Builder
Solution:
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories:
CVE-2023-21792
CVE-2023-21785
CVE-2023-21791
CVE-2023-21782
CVE-2023-21786
CVE-2023-21788
CVE-2023-21789
CVE-2023-21790
CVE-2023-21784
CVE-2023-21783
CVE-2023-21793
CVE-2023-21787
CVE-2023-21781
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2023-217927.8Critical
CVE-2023-217857.8Critical
CVE-2023-217917.8Critical
CVE-2023-217827.8Critical
CVE-2023-217867.8Critical
CVE-2023-217887.8Critical
CVE-2023-217897.8Critical
CVE-2023-217907.8Critical
CVE-2023-217847.8Critical
CVE-2023-217837.8Critical
CVE-2023-217937.8Critical
CVE-2023-217877.8Critical
CVE-2023-217817.8Critical
Microsoft official advisories:
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21781
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21782
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21783
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21784
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21785
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21786
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21787
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21788
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21789
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21790
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21791
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21792
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21793
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21781
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21782
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21783
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21784
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21785
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21786
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21787
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21788
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21789
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21790
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21791
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21792
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21793
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/3D-Viewer/
Related
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
53.5%