CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
48.5%
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code.
Below is a complete list of vulnerabilities:
CVE-2024-30102 high
CVE-2024-30104 high
CVE-2024-30101 high
CVE-2024-30100 high
CVE-2024-30103 high
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update component usually can be accessed from the Control Panel) and updates from the Update Options section, that are listed in your Office Account (Office Account tab usually can be accessed from the File menu)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
support.microsoft.com/kb/5002575
support.microsoft.com/kb/5002591
support.microsoft.com/kb/5002600
support.microsoft.com/kb/5002602
support.microsoft.com/kb/5002603
support.microsoft.com/kb/5002604
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30100
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30101
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30102
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30103
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30104
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-Outlook/
threats.kaspersky.com/en/product/Microsoft-SharePoint/