CVE-2021-40442

Description

Microsoft Excel Remote Code Execution Vulnerability

Risk Information

Base Score

7.7

MODERATE

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

EPSS Score

Exploitation Probability

4.642

Associated Vulnerability

Vulnerability	OS Platform
Microsoft Excel Remote Code Execution Vulnerability for Office 2019 for x86 1808 of version(10380.20037)	Windows
Microsoft Excel Remote Code Execution Vulnerability for Office 2019 for x64 1808 of version(10380.20037)	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2102 of version(13801.21050)	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2102 of version(13801.21050)	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x64 2102 of version(13801.21050)	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x86 2102 of version(13801.21050)	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi-Annual Channel Version 2102 (Build 13801.21050) (Online Installer)	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x64 2108 of version(14326.20600)	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x86 2108 of version(14326.20600)	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Targeted Channel Version 2108 (Build 14326.20600) (Online Installer)	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel for x64 2110 of version(14527.20276)	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel for x86 2110 of version(14527.20276)	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Current Channel for x64 2110 of version(14527.20276)	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Current Channel for x86 2110 of version(14527.20276)	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel Version 2110 (Build 14527.20276) (Online Installer)	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Excel 2016 (KB5002056) 32-Bit Edition (CVE-2021-42292)	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Excel 2016 (KB5002056) 64-Bit Edition (CVE-2021-42292)	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft SharePoint Enterprise Server 2013 (KB5002063)	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Office Web Apps Server 2013 (KB5002065)	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Excel 2013 (KB5002072) 32-Bit Edition (CVE-2021-42292)	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Excel 2013 (KB5002072) 64-Bit Edition (CVE-2021-42292)	Windows
Microsoft Excel Remote Code Execution Vulnerability for Office 2019 for x86 1808 of version(10380.20037) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Office 2019 for x64 1808 of version(10380.20037) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Office 2019 for 1808 of Volume License Version (10380.20037) (Online Installer)	Windows
Update for Office 2019 for 1808 of Volume License Version (10380.20037) (Online Installer) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Office 2019 for x86 1808 of volume version(10380.20037)	Windows
Update for Office 2019 for x86 1808 of volume version(10380.20037) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Office 2019 for x64 1808 of volume version(10380.20037)	Windows
Update for Office 2019 for x64 1808 of volume version(10380.20037) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2102 of version(13801.21050) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2102 of version(13801.21050) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x64 2102 of version(13801.21050) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x86 2102 of version(13801.21050) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi-Annual Channel Version 2102 (Build 13801.21050) (Online Installer) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x64 2102 of version(13801.21050)	Windows
Update for Microsoft 365 Apps for Business Semi Annual Channel for x64 2102 of version(13801.21050) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x86 2102 of version(13801.21050)	Windows
Update for Microsoft 365 Apps for Business Semi Annual Channel for x86 2102 of version(13801.21050) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2102 of version(13801.21050)	Windows
Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2102 of version(13801.21050) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2102 of version(13801.21050)	Windows
Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2102 of version(13801.21050) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x64 2108 of version(14326.20600) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x86 2108 of version(14326.20600) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Targeted Channel Version 2108 (Build 14326.20600) (Online Installer) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Preview Channel for x64 2108 of version(14326.20600)	Windows
Update for Microsoft 365 Apps for Enterprise Semi Annual Preview Channel for x64 2108 of version(14326.20600) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Preview Channel for x86 2108 of version(14326.20600)	Windows
Update for Microsoft 365 Apps for Enterprise Semi Annual Preview Channel for x86 2108 of version(14326.20600) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Monthly Enterprise Channel for x86 version 2109 (14430.20342)	Windows
Update for Microsoft 365 Apps for Monthly Enterprise Channel for x86 version 2109 (14430.20342) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Monthly Enterprise Channel for x64 2109 of version(14430.20342)	Windows
Update for Microsoft 365 Apps for Monthly Enterprise Channel for x64 2109 of version(14430.20342) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel for x64 2110 of version(14527.20276) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel for x86 2110 of version(14527.20276) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Current Channel for x64 2110 of version(14527.20276) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Current Channel for x86 2110 of version(14527.20276) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel Version 2110 (Build 14527.20276) (Online Installer) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Office 2019 for 2110 Retail Version (14527.20276) (Online Installer)	Windows
Update for Office 2019 for 2110 Retail Version (14527.20276) (Online Installer) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Office 2019 for x64 2110 Retail Version (14527.20276)	Windows
Update for Office 2019 for x64 2110 Retail Version (14527.20276) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Office 2019 for x86 2110 Retail Version (14527.20276)	Windows
Update for Office 2019 for x86 2110 Retail Version (14527.20276) For Home Edition	Windows
Microsoft Excel Remote Code Execution Vulnerability for Office 2019 for x86 2110 Retail Version (14527.20276)	Windows
Microsoft Excel Remote Code Execution Vulnerability for Office 2019 for x64 2110 Retail Version (14527.20276)	Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-32448	Update for Office 2019 for x86 1808 of version(10380.20037)
PATCH-32450	Update for Office 2019 for x64 1808 of version(10380.20037)
PATCH-32452	Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2102 of version(13801.21050)
PATCH-32454	Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2102 of version(13801.21050)
PATCH-32456	Update for Microsoft 365 Apps for Business Semi Annual Channel for x64 2102 of version(13801.21050)
PATCH-32458	Update for Microsoft 365 Apps for Business Semi Annual Channel for x86 2102 of version(13801.21050)
PATCH-32464	Update for Microsoft 365 Apps for Enterprise Semi-Annual Channel Version 2102 (Build 13801.21050) (Online Installer)
PATCH-32460	Update for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x64 2108 of version(14326.20600)
PATCH-32462	Update for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x86 2108 of version(14326.20600)
PATCH-32465	Update for Microsoft 365 Apps for Enterprise Targeted Channel Version 2108 (Build 14326.20600) (Online Installer)
PATCH-32440	Update for Microsoft 365 Apps for Enterprise Current Channel for x64 2110 of version(14527.20276)
PATCH-32442	Update for Microsoft 365 Apps for Enterprise Current Channel for x86 2110 of version(14527.20276)
PATCH-32444	Update for Microsoft 365 Apps for Business Current Channel for x64 2110 of version(14527.20276)
PATCH-32446	Update for Microsoft 365 Apps for Business Current Channel for x86 2110 of version(14527.20276)
PATCH-32463	Update for Microsoft 365 Apps for Enterprise Current Channel Version 2110 (Build 14527.20276) (Online Installer)
PATCH-32431	Security Update for Microsoft Excel 2016 (KB5002056) 32-Bit Edition (CVE-2021-42292)
PATCH-32432	Security Update for Microsoft Excel 2016 (KB5002056) 64-Bit Edition (CVE-2021-42292)
PATCH-32433	Security Update for Microsoft SharePoint Enterprise Server 2013 (KB5002063)
PATCH-32428	Security Update for Microsoft Office Web Apps Server 2013 (KB5002065)
PATCH-32429	Security Update for Microsoft Excel 2013 (KB5002072) 32-Bit Edition (CVE-2021-42292)
PATCH-32430	Security Update for Microsoft Excel 2013 (KB5002072) 64-Bit Edition (CVE-2021-42292)
PATCH-32467	Update for Office 2019 for 1808 of Volume License Version (10380.20037) (Online Installer)
PATCH-32515	Update for Office 2019 for x86 1808 of volume version(10380.20037)
PATCH-32517	Update for Office 2019 for x64 1808 of volume version(10380.20037)
PATCH-32502	Update for Microsoft 365 Apps for Business Semi Annual Channel for x64 2102 of version(13801.21050)
PATCH-32504	Update for Microsoft 365 Apps for Business Semi Annual Channel for x86 2102 of version(13801.21050)
PATCH-32506	Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2102 of version(13801.21050)
PATCH-32508	Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2102 of version(13801.21050)
PATCH-32510	Update for Microsoft 365 Apps for Enterprise Semi Annual Preview Channel for x64 2108 of version(14326.20600)
PATCH-32512	Update for Microsoft 365 Apps for Enterprise Semi Annual Preview Channel for x86 2108 of version(14326.20600)
PATCH-32525	Update for Microsoft 365 Apps for Monthly Enterprise Channel for x86 version 2109 (14430.20342)
PATCH-32527	Update for Microsoft 365 Apps for Monthly Enterprise Channel for x64 2109 of version(14430.20342)
PATCH-32468	Update for Office 2019 for 2110 Retail Version (14527.20276) (Online Installer)
PATCH-32470	Update for Office 2019 for x64 2110 Retail Version (14527.20276)
PATCH-32472	Update for Office 2019 for x86 2110 Retail Version (14527.20276)
PATCH-32520	Update for Office 2019 for x86 2110 Retail Version (14527.20276)
PATCH-32522	Update for Office 2019 for x64 2110 Retail Version (14527.20276)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234