CVE-2021-24108
Description
Microsoft Office Remote Code Execution Vulnerability
Risk Information
Base Score
7.7
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
EPSS Score
Exploitation Probability
3.222
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Microsoft Office Remote Code Execution Vulnerability for Microsoft Office 2010 (KB4504703) 32-Bit Edition | Windows |
| Microsoft Office Remote Code Execution Vulnerability for Microsoft Office 2010 (KB4504703) 64-Bit Edition | Windows |
| Microsoft Office Remote Code Execution Vulnerability for Microsoft Office 2013 (KB4493228) 32-Bit Edition | Windows |
| Microsoft Office Remote Code Execution Vulnerability for Microsoft Office 2013 (KB4493228) 64-Bit Edition | Windows |
| Microsoft Office Remote Code Execution Vulnerability for Microsoft Office 2016 (KB4493225) 32-Bit Edition | Windows |
| Microsoft Office Remote Code Execution Vulnerability for Microsoft Office 2016 (KB4493225) 64-Bit Edition | Windows |
| Microsoft Excel Remote Code Execution Vulnerability for Office 2019 for x86 1808 of version(10372.20060) | Windows |
| Microsoft Excel Remote Code Execution Vulnerability for Office 2019 x64 1808 (Build:10372.20060) | Windows |
| Microsoft Excel Remote Code Execution Vulnerability for Office 2019 for x64 1808 of version(10372.20060) | Windows |
| Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2008 of version(13127.21348) | Windows |
| Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2008 of version(13127.21348) | Windows |
| Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x64 2008 of version(13127.21348) | Windows |
| Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x86 2008 of version(13127.21348) | Windows |
| Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi-Annual Channel Version 2008 (Build 13127.21348) | Windows |
| Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel for x64 2102 of version(13801.20294) | Windows |
| Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel for x86 2102 of version(13801.20294) | Windows |
| Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Current Channel for x64 2102 of version(13801.20294) | Windows |
| Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Current Channel for x86 2102 of version(13801.20294) | Windows |
| Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x64 2102 of version(13801.20294) | Windows |
| Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x86 2102 of version(13801.20294) | Windows |
| Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel Version 2102 (Build 13801.20294) | Windows |
| Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Targeted Channel Version 2102 (Build 13801.20294) | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-31002 | Security Update for Microsoft Office 2010 (KB4504703) 32-Bit Edition |
| PATCH-31003 | Security Update for Microsoft Office 2010 (KB4504703) 64-Bit Edition |
| PATCH-31014 | Security Update for Microsoft Office 2013 (KB4493228) 32-Bit Edition |
| PATCH-31015 | Security Update for Microsoft Office 2013 (KB4493228) 64-Bit Edition |
| PATCH-31026 | Security Update for Microsoft Office 2016 (KB4493225) 32-Bit Edition |
| PATCH-31027 | Security Update for Microsoft Office 2016 (KB4493225) 64-Bit Edition |
| PATCH-31051 | Update for Office 2019 for x86 1808 of version(10372.20060) |
| PATCH-31052 | Office 2016 Deployment Tool for Office 2019 x64 1808 (Build:10372.20060) |
| PATCH-31053 | Update for Office 2019 for x64 1808 of version(10372.20060) |
| PATCH-31055 | Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2008 of version(13127.21348) |
| PATCH-31057 | Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2008 of version(13127.21348) |
| PATCH-31059 | Update for Microsoft 365 Apps for Business Semi Annual Channel for x64 2008 of version(13127.21348) |
| PATCH-31061 | Update for Microsoft 365 Apps for Business Semi Annual Channel for x86 2008 of version(13127.21348) |
| PATCH-31067 | Update for Microsoft 365 Apps for Enterprise Semi-Annual Channel Version 2008 (Build 13127.21348) |
| PATCH-31043 | Update for Microsoft 365 Apps for Enterprise Current Channel for x64 2102 of version(13801.20294) |
| PATCH-31045 | Update for Microsoft 365 Apps for Enterprise Current Channel for x86 2102 of version(13801.20294) |
| PATCH-31047 | Update for Microsoft 365 Apps for Business Current Channel for x64 2102 of version(13801.20294) |
| PATCH-31049 | Update for Microsoft 365 Apps for Business Current Channel for x86 2102 of version(13801.20294) |
| PATCH-31063 | Update for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x64 2102 of version(13801.20294) |
| PATCH-31065 | Update for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x86 2102 of version(13801.20294) |
| PATCH-31066 | Update for Microsoft 365 Apps for Enterprise Current Channel Version 2102 (Build 13801.20294) |
| PATCH-31068 | Update for Microsoft 365 Apps for Enterprise Targeted Channel Version 2102 (Build 13801.20294) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234