8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.063 Low
EPSS
Percentile
93.7%
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code, obtain sensitive information.
Below is a complete list of vulnerabilities:
CVE-2023-36897 high
CVE-2023-35372 critical
CVE-2023-36891 critical
CVE-2023-36894 high
CVE-2023-36895 critical
CVE-2023-36865 critical
CVE-2023-36890 high
CVE-2023-29330 critical
CVE-2023-36896 critical
CVE-2023-35371 critical
CVE-2023-29328 critical
CVE-2023-36866 critical
CVE-2023-36893 high
CVE-2023-36892 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update component usually can be accessed from the Control Panel) and updates from the Update Options section, that are listed in your Office Account (Office Account tab usually can be accessed from the File menu)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
support.microsoft.com/kb/4484489
support.microsoft.com/kb/4504720
support.microsoft.com/kb/5002328
support.microsoft.com/kb/5002391
support.microsoft.com/kb/5002398
support.microsoft.com/kb/5002399
support.microsoft.com/kb/5002417
support.microsoft.com/kb/5002418
support.microsoft.com/kb/5002422
support.microsoft.com/kb/5002435
support.microsoft.com/kb/5002436
support.microsoft.com/kb/5002437
support.microsoft.com/kb/5002439
support.microsoft.com/kb/5002445
support.microsoft.com/kb/5002449
support.microsoft.com/kb/5002451
support.microsoft.com/kb/5002453
support.microsoft.com/kb/5002459
support.microsoft.com/kb/5002462
support.microsoft.com/kb/5002463
support.microsoft.com/kb/5002464
support.microsoft.com/kb/5002465
support.microsoft.com/kb/5002565
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29328
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29330
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35371
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35372
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36865
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36866
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36890
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36891
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36892
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36893
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36894
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36895
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36896
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36897
portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV230003
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-Excel/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-Outlook/
threats.kaspersky.com/en/product/Microsoft-SharePoint/
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.063 Low
EPSS
Percentile
93.7%