8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.007 Low
EPSS
Percentile
80.6%
01/10/2023
Critical
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, obtain sensitive information.
Public exploits exist for this vulnerability.
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft SharePoint Server Subscription Edition
Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft Visio 2013 Service Pack 1 (32-bit editions)
Microsoft Office LTSC for Mac 2021
Microsoft Visio 2016 (32-bit edition)
Microsoft Visio 2016 (64-bit edition)
Microsoft Office 2019 for 64-bit editions
Microsoft Office 2019 for 32-bit editions
Microsoft SharePoint Foundation 2013 Service Pack 1
Microsoft SharePoint Server 2019
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Visio 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2019 for Mac
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft SharePoint Enterprise Server 2016
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2023-21737
CVE-2023-21742
CVE-2023-21744
CVE-2023-21734
CVE-2023-21738
CVE-2023-21735
CVE-2023-21743
CVE-2023-21741
CVE-2023-21736
ACE
CVE-2023-217377.8Critical
CVE-2023-217428.8Critical
CVE-2023-217448.8Critical
CVE-2023-217347.8Critical
CVE-2023-217387.8Critical
CVE-2023-217357.8Critical
CVE-2023-217435.3High
CVE-2023-217417.1High
CVE-2023-217367.8Critical
5002335
5002336
5002329
5002337
5002338
5002332
5002331
support.microsoft.com/kb/5002329
support.microsoft.com/kb/5002331
support.microsoft.com/kb/5002332
support.microsoft.com/kb/5002335
support.microsoft.com/kb/5002336
support.microsoft.com/kb/5002337
support.microsoft.com/kb/5002338
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21734
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21735
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21736
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21737
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21738
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21741
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21742
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21743
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21744
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21734
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21735
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21736
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21737
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21738
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21741
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21742
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21743
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21744
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-SharePoint/
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.007 Low
EPSS
Percentile
80.6%