Дата обнаружения
|
14/02/2023 |
Уровень угрозы
|
Critical |
Описание
|
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, spoof user interface, bypass security restrictions. Below is a complete list of vulnerabilities:
|
Эксплуатация
|
The following public exploits exists for this vulnerability: https://github.com/Elizarfish/CVE-2023-21823 https://github.com/FeatherStark/CVE-2023-21716 https://github.com/JMousqueton/CVE-2023-21716 https://github.com/gyaansastra/CVE-2023-21716 https://github.com/mikesxrs/CVE-2023-21716_YARA_Results https://github.com/Xnuvers007/CVE-2023-21716 https://github.com/hv0l/CVE-2023-21716_exploit https://github.com/maldev866/WordExp_CVE_2023_21716 https://github.com/CKevens/CVE-2023-21716-POC https://github.com/Lord-of-the-IoT/CVE-2023-21716 Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details. |
Пораженные продукты
|
Microsoft Office for iOS |
Решение
|
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel) |
Первичный источник обнаружения
|
CVE-2023-21714 CVE-2023-21716 CVE-2023-21721 CVE-2023-21715 CVE-2023-21823 CVE-2023-21717 |
Оказываемое влияние
?
|
ACE
[?]
OSI
[?]
SB
[?]
PE
[?]
SUI
[?]
|
Связанные продукты
|
Microsoft Office Microsoft Word Microsoft SharePoint |
CVE-IDS
|
CVE-2023-218235.0Critical
CVE-2023-217145.0Critical CVE-2023-217165.0Critical CVE-2023-217215.0Critical CVE-2023-217155.0Critical CVE-2023-217175.0Critical |
KB list
|
5002323 |