Remote Code Execution Vulnerability in Microsoft Excel Products
CVE-2018-8375

7.8HIGH

Key Information:

Vendor

Microsoft
Status
Microsoft Excel Viewer
Microsoft Office
Microsoft Excel
Vendor
CVE Published:
15 August 2018

What is CVE-2018-8375?

A remote code execution vulnerability exists in Microsoft Excel due to improper handling of objects in memory. This flaw can allow an attacker to execute arbitrary code on the target system when a victim opens a manipulated Excel file. The issue affects Microsoft Excel Viewer, Microsoft Office, and Microsoft Excel itself, raising significant security concerns for users. To mitigate potential risks, it's crucial to promptly update to the latest software versions and apply relevant security patches.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Microsoft Excel 2010 Service Pack 2 (32-bit editions)

Microsoft Excel 2010 Service Pack 2 (64-bit editions)

Microsoft Excel 2013 RT Service Pack 1

References

http://www.securityfocus.com/bid/104989
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1041463
vdb-entryx_refsource_SECTRACK
https://portal.msrc.microsoft.com/en-US/security-guidance...
x_refsource_CONFIRM

EPSS Score

37% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.