CVE-2023-23399

Microsoft Excel Remote Code Execution Vulnerability

CVSS 7.8 HIGHEPSS 2.5%CWE-125

Microsoft Excel Remote Code Execution Vulnerability

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Affected products

Microsoft · Microsoft 365 Apps for Enterprise Microsoft · Microsoft Excel 2013 Service Pack 1 Microsoft · Microsoft Excel 2016 Microsoft · Microsoft Office 2013 Service Pack 1 Microsoft · Microsoft Office 2016 Microsoft · Microsoft Office 2019 Microsoft · Microsoft Office 2019 for Mac Microsoft · Microsoft Office LTSC 2021 Microsoft · Microsoft Office LTSC for Mac 2021 Microsoft · Microsoft Office Online Server Microsoft · Microsoft Office Web Apps Server 2013 Service Pack 1

public PoCs found — 1

exploitdbwww.exploit-db.com/exploits/51328unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23399