8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.039 Low
EPSS
Percentile
91.8%
12/14/2021
High
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, spoof user interface, obtain sensitive information.
Microsoft Excel 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2016 (32-bit edition)
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Office 2019 for 64-bit editions
Microsoft Office LTSC for Mac 2021
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Microsoft Office 2016 (64-bit edition)
Microsoft Office 2013 RT Service Pack 1
Microsoft Office 2013 Service Pack 1 (64-bit editions)
Office Online Server
Microsoft Office Web Apps Server 2013 Service Pack 1
Microsoft Office 2019 for Mac
Microsoft Excel 2013 Service Pack 1 (32-bit editions)
Microsoft Excel 2016 (64-bit edition)
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Excel 2016 (32-bit edition)
Microsoft Office 2019 for 32-bit editions
Microsoft Excel 2013 RT Service Pack 1
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft SharePoint Server 2019
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2021-42293
CVE-2021-43875
CVE-2021-43255
CVE-2021-42320
CVE-2021-42294
CVE-2021-42309
CVE-2021-42295
CVE-2021-43242
CVE-2021-43256
CVE-2021-43876
ACE
CVE-2021-422936.5High
CVE-2021-438757.8Critical
CVE-2021-432555.5High
CVE-2021-423205.7High
CVE-2021-422947.2High
CVE-2021-423098.8Critical
CVE-2021-422955.5High
CVE-2021-432425.7High
CVE-2021-432567.8Critical
CVE-2021-438768.8Critical
5002054
5002047
4504710
4504745
5002101
5002045
5002015
5002099
5002033
5002103
4486726
5002059
5002008
5002055
5002098
5002061
5002097
5002105
5002071
5002104
support.microsoft.com/kb/4486726
support.microsoft.com/kb/4504710
support.microsoft.com/kb/4504745
support.microsoft.com/kb/5002008
support.microsoft.com/kb/5002015
support.microsoft.com/kb/5002033
support.microsoft.com/kb/5002045
support.microsoft.com/kb/5002047
support.microsoft.com/kb/5002054
support.microsoft.com/kb/5002055
support.microsoft.com/kb/5002059
support.microsoft.com/kb/5002061
support.microsoft.com/kb/5002071
support.microsoft.com/kb/5002097
support.microsoft.com/kb/5002098
support.microsoft.com/kb/5002099
support.microsoft.com/kb/5002101
support.microsoft.com/kb/5002103
support.microsoft.com/kb/5002104
support.microsoft.com/kb/5002105
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42293
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42294
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42295
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42309
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42320
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43242
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43255
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43256
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43875
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43876
nvd.nist.gov/vuln/detail/CVE-2021-42293
nvd.nist.gov/vuln/detail/CVE-2021-42294
nvd.nist.gov/vuln/detail/CVE-2021-42295
nvd.nist.gov/vuln/detail/CVE-2021-42309
nvd.nist.gov/vuln/detail/CVE-2021-42320
nvd.nist.gov/vuln/detail/CVE-2021-43242
nvd.nist.gov/vuln/detail/CVE-2021-43255
nvd.nist.gov/vuln/detail/CVE-2021-43256
nvd.nist.gov/vuln/detail/CVE-2021-43875
nvd.nist.gov/vuln/detail/CVE-2021-43876
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Excel/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-SharePoint/
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.039 Low
EPSS
Percentile
91.8%