The vulnerability of Microsoft Office packages, Microsoft 365 Apps, Microsoft Excel, and Microsoft SharePoint relates to improper code generation management, allowing an attacker to execute arbitrary code.

🗓️ 07 Dec 2021 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 2 Views

Vulnerabilities in Office, Excel, SharePoint, and Microsoft 365 Apps allow arbitrary code execution due to improper code generation.

Reporter	Title	Published	Views	Family All 25
CNNVD	Microsoft Excel 代码注入漏洞	9 Nov 202100:00	–	cnnvd
CNVD	Microsoft Excel Remote Code Execution Vulnerability (CNVD-2021-102060)	12 Nov 202100:00	–	cnvd
CVE	CVE-2021-40442	10 Nov 202100:46	–	cve
Cvelist	CVE-2021-40442 Microsoft Excel Remote Code Execution Vulnerability	10 Nov 202100:46	–	cvelist
EUVD	EUVD-2021-27619	3 Oct 202520:07	–	euvd
Microsoft KB	Description of the security update for Office Online Server: November 9, 2021 (KB5002053)	9 Nov 202108:00	–	mskb
Microsoft KB	Description of the security update for Excel 2016: November 9, 2021 (KB5002056)	9 Nov 202108:00	–	mskb
Microsoft KB	Description of the security update for SharePoint Enterprise Server 2013: November 9, 2021 (KB5002063)	9 Nov 202108:00	–	mskb
Microsoft KB	Description of the security update for Office Web Apps Server 2013: November 9, 2021 (KB5002065)	9 Nov 202108:00	–	mskb
Microsoft KB	Description of the security update for Excel 2013: November 9, 2021 (KB5002072)	9 Nov 202108:00	–	mskb

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40442
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2021110941
web	www.web.nvd.nist.gov/view/vuln/detail

07 Dec 2021 00:00Current

7.7High risk

Vulners AI Score7.7

CVSS 26.9

CVSS 37.8

EPSS0.06172

Office vulnerabilities Excel vulnerabilities SharePoint vulnerabilities Microsoft 365 Apps Code generation Arbitrary code execution