Remote Code Execution Vulnerability Affects Microsoft Word
CVE-2023-21716
Key Information:
- Vendor
- Microsoft
- Status
- Vendor
- CVE Published:
- 14 February 2023
Badges
Summary
The vulnerability in Microsoft Word can allow an attacker to execute remote code on a user's machine, potentially leading to data breaches and unauthorized access. This issue primarily arises due to improper validation of user input in documents. Users are urged to update their Word applications promptly to mitigate the risk of exploitation.
Affected Version(s)
Microsoft 365 Apps for Enterprise 32-bit Systems 16.0.1
Microsoft Office 2019 for Mac Unknown 16.0.0 < 16.70.23021201
Microsoft Office 2019 x64-based Systems 19.0.0
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
Get notified when SecurityVulnerability.io launches alerting π
Well keep you posted π§
News Articles
Help Net SecurityReferences
EPSS Score
29% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- π‘
Public PoC available
- πΎ
Exploit known to exist
- π°
First article discovered by Help Net Security
Vulnerability published
Vulnerability Reserved