8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.024 Low
EPSS
Percentile
89.6%
01/11/2022
Warning
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code.
Microsoft SharePoint Foundation 2013 Service Pack 1
β
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Excel 2013 RT Service Pack 1
Microsoft Excel 2013 Service Pack 1 (32-bit editions)
Microsoft Excel 2013 Service Pack 1 (64-bit editions)
Microsoft Excel 2016 (32-bit edition)
Microsoft Excel 2016 (64-bit edition)
Microsoft Office 2013 RT Service Pack 1
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Microsoft Office 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2016 (32-bit edition)
Microsoft Office 2016 (64-bit edition)
Microsoft Office 2019 for 32-bit editions
Microsoft Office 2019 for 64-bit editions
Microsoft Office 2019 for Mac
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft Office LTSC for Mac 2021
Microsoft Office Online Server
Microsoft Office Web Apps Server 2013 Service Pack 1
Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Foundation 2013 Service Pack 1
Microsoft SharePoint Server 2019
Microsoft SharePoint Server Subscription Edition
Microsoft Word 2016 (32-bit edition)
Microsoft Word 2016 (64-bit edition)
SharePoint Server Subscription Edition Language Pack
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2022-21837
CVE-2022-21840
CVE-2022-21841
CVE-2022-21842
ACE
CVE-2022-218378.8Critical
CVE-2022-218408.8Critical
CVE-2022-218417.8Critical
CVE-2022-218427.8Critical
5002057
5002119
5002110
5002107
5002115
5002113
5002128
5002052
5002109
5002124
5002060
5002129
5002102
5002114
5002127
5002111
5002064
5002108
5002122
4462205
5002118
5002116
5001995
support.microsoft.com/kb/4462205
support.microsoft.com/kb/5001995
support.microsoft.com/kb/5002052
support.microsoft.com/kb/5002057
support.microsoft.com/kb/5002060
support.microsoft.com/kb/5002064
support.microsoft.com/kb/5002102
support.microsoft.com/kb/5002107
support.microsoft.com/kb/5002108
support.microsoft.com/kb/5002109
support.microsoft.com/kb/5002110
support.microsoft.com/kb/5002111
support.microsoft.com/kb/5002113
support.microsoft.com/kb/5002114
support.microsoft.com/kb/5002115
support.microsoft.com/kb/5002116
support.microsoft.com/kb/5002118
support.microsoft.com/kb/5002119
support.microsoft.com/kb/5002122
support.microsoft.com/kb/5002124
support.microsoft.com/kb/5002127
support.microsoft.com/kb/5002128
support.microsoft.com/kb/5002129
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21837
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21840
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21841
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21842
nvd.nist.gov/vuln/detail/CVE-2022-21837
nvd.nist.gov/vuln/detail/CVE-2022-21840
nvd.nist.gov/vuln/detail/CVE-2022-21841
nvd.nist.gov/vuln/detail/CVE-2022-21842
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Excel/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-Sharepoint-Server/
threats.kaspersky.com/en/product/Microsoft-SharePoint/
threats.kaspersky.com/en/product/Microsoft-Word/
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.024 Low
EPSS
Percentile
89.6%