8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
8 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.136 Low
EPSS
Percentile
95.5%
10/12/2021
High
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, spoof user interface.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Microsoft Office Web Apps Server 2013 Service Pack 1
Microsoft Office LTSC for Mac 2021
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Microsoft SharePoint Foundation 2013 Service Pack 1
Microsoft Office 2019 for 32-bit editions
Microsoft Office 2013 RT Service Pack 1
Microsoft Excel 2013 Service Pack 1 (32-bit editions)
Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft Excel 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2019 for Mac
Microsoft Office 2013 Service Pack 1 (64-bit editions)
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft Excel 2016 (32-bit edition)
Microsoft Excel 2013 RT Service Pack 1
Microsoft Office 2016 (64-bit edition)
Microsoft Office 2016 (32-bit edition)
Microsoft SharePoint Enterprise Server 2016
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft SharePoint Server 2019
Microsoft Office Online Server
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Office 2019 for 64-bit editions
Microsoft Excel 2016 (64-bit edition)
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2021-40454
CVE-2021-41344
CVE-2021-40481
CVE-2021-40483
CVE-2021-40473
CVE-2021-40487
CVE-2021-40482
CVE-2021-40480
CVE-2021-40486
CVE-2021-40485
CVE-2021-40479
CVE-2021-40471
CVE-2021-40474
CVE-2021-40484
CVE-2021-40472
ACE
CVE-2021-404545.5High
CVE-2021-413448.1Critical
CVE-2021-404817.1High
CVE-2021-404837.6Critical
CVE-2021-404737.8Critical
CVE-2021-404878.1Critical
CVE-2021-404825.3High
CVE-2021-404807.8Critical
CVE-2021-404867.8Critical
CVE-2021-404857.8Critical
CVE-2021-404797.8Critical
CVE-2021-404717.8Critical
CVE-2021-404747.8Critical
CVE-2021-404847.6Critical
CVE-2021-404725.5High
5001960
5001985
5002029
5002043
5002004
4461476
5002036
5001924
5002027
5002042
5001982
5002006
5002030
4493202
5002028
4018332
support.microsoft.com/kb/4018332
support.microsoft.com/kb/4461476
support.microsoft.com/kb/4493202
support.microsoft.com/kb/5001924
support.microsoft.com/kb/5001960
support.microsoft.com/kb/5001982
support.microsoft.com/kb/5001985
support.microsoft.com/kb/5002004
support.microsoft.com/kb/5002006
support.microsoft.com/kb/5002027
support.microsoft.com/kb/5002028
support.microsoft.com/kb/5002029
support.microsoft.com/kb/5002030
support.microsoft.com/kb/5002036
support.microsoft.com/kb/5002042
support.microsoft.com/kb/5002043
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40454
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40471
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40472
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40473
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40474
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40479
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40480
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40481
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40482
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40483
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40484
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40485
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40486
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40487
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41344
nvd.nist.gov/vuln/detail/CVE-2021-40454
nvd.nist.gov/vuln/detail/CVE-2021-40471
nvd.nist.gov/vuln/detail/CVE-2021-40472
nvd.nist.gov/vuln/detail/CVE-2021-40473
nvd.nist.gov/vuln/detail/CVE-2021-40474
nvd.nist.gov/vuln/detail/CVE-2021-40479
nvd.nist.gov/vuln/detail/CVE-2021-40480
nvd.nist.gov/vuln/detail/CVE-2021-40481
nvd.nist.gov/vuln/detail/CVE-2021-40482
nvd.nist.gov/vuln/detail/CVE-2021-40483
nvd.nist.gov/vuln/detail/CVE-2021-40484
nvd.nist.gov/vuln/detail/CVE-2021-40485
nvd.nist.gov/vuln/detail/CVE-2021-40486
nvd.nist.gov/vuln/detail/CVE-2021-40487
nvd.nist.gov/vuln/detail/CVE-2021-41344
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Excel/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-SharePoint/
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
8 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.136 Low
EPSS
Percentile
95.5%