8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.007 Low
EPSS
Percentile
80.6%
12/13/2022
Critical
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface.
Microsoft Office 2019 for Mac
Microsoft Visio 2013 Service Pack 1 (32-bit editions)
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Visio 2016 (64-bit edition)
Microsoft Office 2019 for 32-bit editions
Microsoft Visio 2016 (32-bit edition)
Microsoft SharePoint Foundation 2013 Service Pack 1
Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft SharePoint Enterprise Server 2016
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Office LTSC for Mac 2021
Microsoft Visio 2013 Service Pack 1 (64-bit editions)
Microsoft SharePoint Server Subscription Edition
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft SharePoint Server 2019
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft Office 2019 for 64-bit editions
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2022-26806
CVE-2022-26805
CVE-2022-44693
CVE-2022-47211
CVE-2022-26804
CVE-2022-44695
CVE-2022-44694
CVE-2022-44696
CVE-2022-44690
CVE-2022-44713
CVE-2022-47212
CVE-2022-44691
CVE-2022-47213
CVE-2022-44692
ACE
CVE-2022-268067.8Critical
CVE-2022-268057.8Critical
CVE-2022-446938.8Critical
CVE-2022-472117.8Critical
CVE-2022-268047.8Critical
CVE-2022-446957.8Critical
CVE-2022-446947.8Critical
CVE-2022-446967.8Critical
CVE-2022-446908.8Critical
CVE-2022-447137.5Critical
CVE-2022-472127.8Critical
CVE-2022-446917.8Critical
CVE-2022-472137.8Critical
CVE-2022-446927.8Critical
5002280
5002327
5002319
5002321
5002286
5002317
5002311
support.microsoft.com/kb/5002280
support.microsoft.com/kb/5002286
support.microsoft.com/kb/5002311
support.microsoft.com/kb/5002317
support.microsoft.com/kb/5002319
support.microsoft.com/kb/5002321
support.microsoft.com/kb/5002327
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26804
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26805
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26806
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44690
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44691
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44692
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44693
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44694
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44695
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44696
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44713
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47211
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47212
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47213
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26804
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26805
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26806
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44690
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44691
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44692
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44693
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44694
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44695
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44696
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44713
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-47211
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-47212
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-47213
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-SharePoint/
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.007 Low
EPSS
Percentile
80.6%