Home

CVE-2022-21840

Description

Microsoft Office Remote Code Execution Vulnerability

Risk Information

Base Score
8.7
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
EPSS Score
Exploitation Probability
7.197

Associated Vulnerability

VulnerabilityOS Platform
Microsoft SharePoint Server Remote Code Execution Vulnerability for Microsoft SharePoint Server 2019 Core (KB5002109) farm-deploymentWindows
Microsoft SharePoint Server Remote Code Execution Vulnerability for Microsoft SharePoint Enterprise Server 2016 (KB5002113) farm-deploymentWindows
Microsoft SharePoint Server Remote Code Execution Vulnerability for Microsoft SharePoint Foundation 2013 (KB5002127)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft SharePoint Enterprise Server 2013 (KB5001995)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Office 2016 (KB5002052) 32-Bit EditionWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Office 2016 (KB5002052) 64-Bit EditionWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Office 2016 (KB5002060) 64-Bit EditionWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Office 2016 (KB5002060) 32-Bit EditionWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Office 2013 (KB5002064) 64-Bit EditionWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Office 2013 (KB5002064) 32-Bit EditionWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft SharePoint Enterprise Server 2013 (KB5002102)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft SharePoint Server 2019 Language Pack (KB5002108) farm-deploymentWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Excel 2016 (KB5002114) 64-Bit EditionWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Excel 2016 (KB5002114) 32-Bit EditionWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Office 2016 (KB5002115) 64-Bit EditionWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Office 2016 (KB5002115) 32-Bit EditionWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft SharePoint Enterprise Server 2016 (KB5002118) farm-deploymentWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Office Web Apps Server 2013 (KB5002122)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Excel 2013 (KB5002128) 32-Bit EditionWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Excel 2013 (KB5002128) 64-Bit EditionWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft SharePoint Foundation 2013 (KB5002129)Windows
Microsoft Office Remote Code Execution Vulnerability for Office 2019 for x86 1808 of version(10382.20034)Windows
Microsoft Office Remote Code Execution Vulnerability for Office 2019 for x64 1808 of version(10382.20034)Windows
Microsoft Office Remote Code Execution Vulnerability for Office 2019 for x64 1808 of volume version(10382.20034)Windows
Microsoft Office Remote Code Execution Vulnerability for Office 2019 for x86 1808 of volume version(10382.20034)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2108 of version(14326.20738)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2108 of version(14326.20738)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x64 2108 of version(14326.20738)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x86 2108 of version(14326.20738)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x64 2108 of version(14326.20738)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x86 2108 of version(14326.20738)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi-Annual Channel Version 2108 (Build 14326.20738) (Online Installer)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Targeted Channel Version 2108 (Build 14326.20738) (Online Installer)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x64 2108 of version(14326.20738)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x86 2108 of version(14326.20738)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2108 of version(14326.20738)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2108 of version(14326.20738)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Preview Channel for x64 2108 of version(14326.20738)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Preview Channel for x86 2108 of version(14326.20738)Windows
Microsoft Office Remote Code Execution Vulnerability for Office 2021 for x64 2108 of volume version(14332.20216)Windows
Microsoft Office Remote Code Execution Vulnerability for Office 2021 for x86 2108 of volume version(14332.20216)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Monthly Enterprise Channel for x64 2111 of version(14701.20290)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Monthly Enterprise Channel for x86 version 2111 (14701.20290)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel for x64 2112 of version(14729.20248)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel for x86 2112 of version(14729.20248)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Current Channel for x64 2112 of version(14729.20248)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Current Channel for x86 2112 of version(14729.20248)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel Version 2112 (Build 14729.20248) (Online Installer)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Current Channel for x64 2112 of version(14729.20248)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Current Channel for x86 2112 of version(14729.20248)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel for x64 2112 of version(14729.20248)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel for x86 2112 of version(14729.20248)Windows
Microsoft Office Remote Code Execution Vulnerability for Office 2019 for x64 2112 Retail Version (14729.20248)Windows
Microsoft Office Remote Code Execution Vulnerability for Office 2019 for x86 2112 Retail Version (14729.20248)Windows
Microsoft Office Remote Code Execution Vulnerability for Office 2021 for x64 2112 of volume version(14729.20248)Windows
Microsoft Office Remote Code Execution Vulnerability for Office 2021 for x86 2112 of Retail Version(14729.20248)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-32885Security Update for Microsoft SharePoint Enterprise Server 2016 (KB5002113) farm-deployment
PATCH-32891Security Update for Microsoft SharePoint Foundation 2013 (KB5002127)
PATCH-32915Security Update for Microsoft SharePoint Enterprise Server 2013 (KB5001995)
PATCH-32908Security Update for Microsoft Office 2016 (KB5002052) 32-Bit Edition
PATCH-32909Security Update for Microsoft Office 2016 (KB5002052) 64-Bit Edition
PATCH-32904Security Update for Microsoft Office 2016 (KB5002060) 64-Bit Edition
PATCH-32905Security Update for Microsoft Office 2016 (KB5002060) 32-Bit Edition
PATCH-32896Security Update for Microsoft Office 2013 (KB5002064) 64-Bit Edition
PATCH-32897Security Update for Microsoft Office 2013 (KB5002064) 32-Bit Edition
PATCH-32916Security Update for Microsoft SharePoint Enterprise Server 2013 (KB5002102)
PATCH-32914Security Update for Microsoft SharePoint Server 2019 Language Pack (KB5002108) farm-deployment
PATCH-32910Security Update for Microsoft Excel 2016 (KB5002114) 64-Bit Edition
PATCH-32911Security Update for Microsoft Excel 2016 (KB5002114) 32-Bit Edition
PATCH-32906Security Update for Microsoft Office 2016 (KB5002115) 64-Bit Edition
PATCH-32907Security Update for Microsoft Office 2016 (KB5002115) 32-Bit Edition
PATCH-32886Security Update for Microsoft SharePoint Enterprise Server 2016 (KB5002118) farm-deployment
PATCH-32895Security Update for Microsoft Office Web Apps Server 2013 (KB5002122)
PATCH-32902Security Update for Microsoft Excel 2013 (KB5002128) 32-Bit Edition
PATCH-32903Security Update for Microsoft Excel 2013 (KB5002128) 64-Bit Edition
PATCH-32894Security Update for Microsoft SharePoint Foundation 2013 (KB5002129)
PATCH-32928Update for Office 2019 for x86 1808 of version(10382.20034)
PATCH-32930Update for Office 2019 for x64 1808 of version(10382.20034)
PATCH-32971Update for Office 2019 for x64 1808 of volume version(10382.20034)
PATCH-32973Update for Office 2019 for x86 1808 of volume version(10382.20034)
PATCH-32932Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2108 of version(14326.20738)
PATCH-32934Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2108 of version(14326.20738)
PATCH-32936Update for Microsoft 365 Apps for Business Semi Annual Channel for x64 2108 of version(14326.20738)
PATCH-32938Update for Microsoft 365 Apps for Business Semi Annual Channel for x86 2108 of version(14326.20738)
PATCH-32940Update for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x64 2108 of version(14326.20738)
PATCH-32942Update for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x86 2108 of version(14326.20738)
PATCH-32943Update for Microsoft 365 Apps for Enterprise Semi-Annual Channel Version 2108 (Build 14326.20738) (Online Installer)
PATCH-32944Update for Microsoft 365 Apps for Enterprise Targeted Channel Version 2108 (Build 14326.20738) (Online Installer)
PATCH-32959Update for Microsoft 365 Apps for Business Semi Annual Channel for x64 2108 of version(14326.20738)
PATCH-32961Update for Microsoft 365 Apps for Business Semi Annual Channel for x86 2108 of version(14326.20738)
PATCH-32963Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2108 of version(14326.20738)
PATCH-32965Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2108 of version(14326.20738)
PATCH-32967Update for Microsoft 365 Apps for Enterprise Semi Annual Preview Channel for x64 2108 of version(14326.20738)
PATCH-32969Update for Microsoft 365 Apps for Enterprise Semi Annual Preview Channel for x86 2108 of version(14326.20738)
PATCH-32979Update for Office 2021 for x64 2108 of volume version(14332.20216)
PATCH-32981Update for Office 2021 for x86 2108 of volume version(14332.20216)
PATCH-32955Update for Microsoft 365 Apps for Monthly Enterprise Channel for x64 2111 of version(14701.20290)
PATCH-32957Update for Microsoft 365 Apps for Monthly Enterprise Channel for x86 version 2111 (14701.20290)
PATCH-32920Update for Microsoft 365 Apps for Enterprise Current Channel for x64 2112 of version(14729.20248)
PATCH-32922Update for Microsoft 365 Apps for Enterprise Current Channel for x86 2112 of version(14729.20248)
PATCH-32924Update for Microsoft 365 Apps for Business Current Channel for x64 2112 of version(14729.20248)
PATCH-32926Update for Microsoft 365 Apps for Business Current Channel for x86 2112 of version(14729.20248)
PATCH-32945Update for Microsoft 365 Apps for Enterprise Current Channel Version 2112 (Build 14729.20248) (Online Installer)
PATCH-32947Update for Microsoft 365 Apps for Business Current Channel for x64 2112 of version(14729.20248)
PATCH-32949Update for Microsoft 365 Apps for Business Current Channel for x86 2112 of version(14729.20248)
PATCH-32951Update for Microsoft 365 Apps for Enterprise Current Channel for x64 2112 of version(14729.20248)
PATCH-32953Update for Microsoft 365 Apps for Enterprise Current Channel for x86 2112 of version(14729.20248)
PATCH-32975Update for Office 2019 for x64 2112 Retail Version (14729.20248)
PATCH-32977Update for Office 2019 for x86 2112 Retail Version (14729.20248)
PATCH-32983Update for Office 2021 for x64 2112 of volume version(14729.20248)
PATCH-32985Update for Office 2021 for x86 2112 of Retail Version(14729.20248)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234