CVE-2024-38171

2024-08-1318:15:25

CWE-416

microsoft

web.nvd.nist.gov

cve-2024-38171

microsoft powerpoint

remote code execution

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

20.6%

JSON

Microsoft PowerPoint Remote Code Execution Vulnerability

Affected configurations

Nvd

Vulners

Node

microsoft365_appsMatch-

microsoftofficeMatch2019

microsoftoffice_long_term_servicing_channelMatch2021-

microsoftoffice_long_term_servicing_channelMatch2021macos

microsoftpowerpointMatch2016

VendorProductVersionCPE
microsoft365_apps-cpe:2.3:a:microsoft:365_apps:-:*:*:*:*:*:*:*
microsoftoffice2019cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
microsoftoffice_long_term_servicing_channel2021cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:*:*
microsoftoffice_long_term_servicing_channel2021cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*
microsoftpowerpoint2016cpe:2.3:a:microsoft:powerpoint:2016:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	365_apps	-	cpe:2.3:a:microsoft:365_apps:-:::::::*
microsoft	office	2019	cpe:2.3:a:microsoft:office:2019:::::::*
microsoft	office_long_term_servicing_channel	2021	cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:::::-::
microsoft	office_long_term_servicing_channel	2021	cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:::::macos::
microsoft	powerpoint	2016	cpe:2.3:a:microsoft:powerpoint:2016:::::::*

CNA Affected

[
  {
    "vendor": "Microsoft",
    "product": "Microsoft Office 2019",
    "cpes": [
      "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "32-bit Systems",
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "19.0.0",
        "lessThan": "https://aka.ms/OfficeSecurityReleases",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft 365 Apps for Enterprise",
    "cpes": [
      "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
    ],
    "platforms": [
      "32-bit Systems",
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "16.0.1",
        "lessThan": "https://aka.ms/OfficeSecurityReleases",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Office LTSC for Mac 2021",
    "cpes": [
      "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "16.0.1",
        "lessThan": "16.88.24081116",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Office LTSC 2021",
    "cpes": [
      "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "x64-based Systems",
      "32-bit Systems"
    ],
    "versions": [
      {
        "version": "16.0.1",
        "lessThan": "https://aka.ms/OfficeSecurityReleases",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft PowerPoint 2016",
    "cpes": [
      "cpe:2.3:a:microsoft:powerpoint:2016:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "32-bit Systems",
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "16.0.0",
        "lessThan": "16.0.5461.1000",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]