Lucene search

[email protected]NVD:CVE-2023-28285

HistoryApr 11, 2023 - 9:15 p.m.

CVE-2023-28285

2023-04-1121:15:26

CWE-416

[email protected]

web.nvd.nist.gov

microsoft office

cve-2023-28285

remote code execution

vulnerability

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

0.108 Low

EPSS

Percentile

95.1%

JSON

Microsoft Office Remote Code Execution Vulnerability

Affected configurations

NVD

Node

microsoft365_appsMatch-enterprise

microsoftofficeMatch2019macos

microsoftoffice_long_term_servicing_channelMatch2021macos

References

packetstormsecurity.com/files/173127/Microsoft-Office-Remote-Code-Execution.html

packetstormsecurity.com/files/173140/Microsoft-365-MSO-2305-Build-16.0.16501.20074-Remote-Code-Execution.html

msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28285

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

0.108 Low

EPSS

Percentile

95.1%

JSON

Related for NVD:CVE-2023-28285

nessus2 packetstorm2 zdi1 cvelist1 zdt1 prion1 mscve1 cve1 exploitdb1 openvas2 kaspersky1 malwarebytes1 rapid7blog1