Lucene search
MicrosoftCVE-2023-36896HistoryAug 08, 2023 - 6:15 p.m.
CVE-2023-36896
2023-08-0818:15:15
CWE-122
microsoft
web.nvd.nist.gov
107
cve-2023-36896
microsoft
excel
remote code execution
vulnerability
nvd
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.1
Confidence
High
EPSS
0.002
Percentile
60.8%
Microsoft Excel Remote Code Execution Vulnerability
Affected configurations
Node
microsoft365_appsMatch-enterprisex64
ORmicrosoft365_appsMatch-enterprisex86
ORmicrosoftofficeMatch2013sp1x64
ORmicrosoftofficeMatch2013_rtsp1
ORmicrosoftofficeMatch2016x64
ORmicrosoftofficeMatch2019x64
ORmicrosoftofficeMatch2019x86
ORmicrosoftofficeMatch2019macos
ORmicrosoftoffice_long_term_servicing_channelMatch2021x64
ORmicrosoftoffice_long_term_servicing_channelMatch2021x86
ORmicrosoftoffice_long_term_servicing_channelMatch2021macos
ORmicrosoftoffice_online_serverMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | 365_apps | - | cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:* |
| microsoft | 365_apps | - | cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:* |
| microsoft | office | 2013 | cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:* |
| microsoft | office | 2013_rt | cpe:2.3:a:microsoft:office:2013_rt:sp1:*:*:*:*:*:* |
| microsoft | office | 2016 | cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:* |
| microsoft | office | 2019 | cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:* |
| microsoft | office | 2019 | cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:* |
| microsoft | office | 2019 | cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:* |
| microsoft | office_long_term_servicing_channel | 2021 | cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:x64:* |
| microsoft | office_long_term_servicing_channel | 2021 | cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:x86:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Microsoft Office 2019",
"cpes": [
"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"versions": [
{
"version": "19.0.0",
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Office 2019 for Mac",
"cpes": [
"cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "16.0.0",
"lessThan": "16.76.23081101",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Office Online Server",
"cpes": [
"cpe:2.3:a:microsoft:office_online_server:-:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "16.0.1",
"lessThan": "16.0.10401.20022",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft 365 Apps for Enterprise",
"cpes": [
"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"versions": [
{
"version": "16.0.1",
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Office LTSC for Mac 2021",
"cpes": [
"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "16.0.1",
"lessThan": "16.76.23081101",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Office LTSC 2021",
"cpes": [
"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"versions": [
{
"version": "16.0.1",
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Excel 2016",
"cpes": [
"cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x86:*",
"cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x64:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"versions": [
{
"version": "16.0.0.0",
"lessThan": "16.0.5408.1002",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Excel 2013 Service Pack 1",
"cpes": [
"cpe:2.3:a:microsoft:excel:2013:sp1:*:*:rt:*:*:*",
"cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x86:*",
"cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x64:*"
],
"platforms": [
"ARM64-based Systems",
"32-bit Systems",
"x64-based Systems"
],
"versions": [
{
"version": "15.0.0.0",
"lessThan": "15.0.5579.1001",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
nvd
nvd
CVE-2023-36896
2023-08-08 18:15:15
prion
prion
Remote code execution
2023-08-08 18:15:00
nessus
nessus
Security Updates for Microsoft Excel Products (August 2023)
2023-08-08 00:00:00
Security Updates for Microsoft Excel Products C2R (August 2023)
2023-08-09 00:00:00
Security Updates for Microsoft Office Online Server (August 2023)
2023-08-09 00:00:00
mscve
mscve
Microsoft Excel Remote Code Execution Vulnerability
2023-08-08 07:00:00
mskb
mskb
cvelist
cvelist
CVE-2023-36896 Microsoft Excel Remote Code Execution Vulnerability
2023-08-08 17:08:52
cnvd
cnvd
Microsoft Excel Remote Code Execution Vulnerability (CNVD-2023-64864)
2023-08-12 00:00:00
openvas
openvas
Microsoft Office 2019 Multiple Vulnerabilities (Aug 2023) - Mac OS X
2023-08-10 00:00:00
Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Aug 2023)
2023-08-10 00:00:00
kaspersky
kaspersky
KLA51714 Multiple vulnerabilities in Microsoft Office
2023-08-08 00:00:00
talosblog
talosblog
rapid7blog
rapid7blog
Patch Tuesday - August 2023
2023-08-08 21:11:35
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.1
Confidence
High
EPSS
0.002
Percentile
60.8%
Related for CVE-2023-36896