Home

CVE-2018-8502

Description

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in Protected View, aka Microsoft Excel Remote Code Execution Vulnerability. This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel.

Risk Information

Base Score
8.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
31.562

Associated Vulnerability

VulnerabilityOS Platform
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Excel 2010 (KB4461466) 64-Bit EditionWindows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Excel 2010 (KB4461466) 32-Bit EditionWindows
Microsoft PowerPoint Remote Code Execution Vulnerability for Microsoft Office 2013 (KB4461445) 64-Bit EditionWindows
Microsoft PowerPoint Remote Code Execution Vulnerability for Microsoft Office 2013 (KB4461445) 32-Bit EditionWindows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Excel 2016 (KB4461448) 32-Bit EditionWindows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Excel 2016 (KB4461448) 64-Bit EditionWindows
Microsoft PowerPoint Remote Code Execution Vulnerability for Microsoft Office 2016 (KB4461437) 32-Bit EditionWindows
Microsoft PowerPoint Remote Code Execution Vulnerability for Microsoft Office 2016 (KB4461437) 64-Bit EditionWindows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Excel 2013 (KB4461460) 64-Bit EditionWindows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Excel 2013 (KB4461460) 32-Bit EditionWindows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-25413Security Update for Microsoft Excel 2010 (KB4461466) 64-Bit Edition
PATCH-25414Security Update for Microsoft Excel 2010 (KB4461466) 32-Bit Edition
PATCH-25424Security Update for Microsoft Office 2013 (KB4461445) 64-Bit Edition
PATCH-25425Security Update for Microsoft Office 2013 (KB4461445) 32-Bit Edition
PATCH-25437Security Update for Microsoft Excel 2016 (KB4461448) 32-Bit Edition
PATCH-25438Security Update for Microsoft Excel 2016 (KB4461448) 64-Bit Edition
PATCH-25433Security Update for Microsoft Office 2016 (KB4461437) 32-Bit Edition
PATCH-25434Security Update for Microsoft Office 2016 (KB4461437) 64-Bit Edition
PATCH-25426Security Update for Microsoft Excel 2013 (KB4461460) 64-Bit Edition
PATCH-25427Security Update for Microsoft Excel 2013 (KB4461460) 32-Bit Edition

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234