Lucene search
MicrosoftCVELIST:CVE-2023-24953HistoryMay 09, 2023 - 5:03 p.m.
CVE-2023-24953 Microsoft Excel Remote Code Execution Vulnerability
2023-05-0917:03:00
CWE-416
microsoft
www.cve.org
1
cve-2023-24953
microsoft
excel
remote code execution
vulnerability
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
0.005 Low
EPSS
Percentile
76.9%
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Microsoft Office 2019",
"cpes": [
"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"versions": [
{
"version": "19.0.0",
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Office 2019 for Mac",
"cpes": [
"cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "16.0.0",
"lessThan": "16.73.23051401",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Office Online Server",
"cpes": [
"cpe:2.3:a:microsoft:office_online_server:-:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "16.0.1",
"lessThan": "16.0.10398.20000",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft 365 Apps for Enterprise",
"cpes": [
"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"versions": [
{
"version": "16.0.1",
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Office LTSC for Mac 2021",
"cpes": [
"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "16.0.1",
"lessThan": "16.73.23051401",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Office LTSC 2021",
"cpes": [
"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"versions": [
{
"version": "16.0.1",
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Excel 2016",
"cpes": [
"cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x86:*",
"cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x64:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"versions": [
{
"version": "16.0.0.0",
"lessThan": "16.0.5395.1000",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Excel 2013 Service Pack 1",
"cpes": [
"cpe:2.3:a:microsoft:excel:2013:sp1:*:*:rt:*:*:*",
"cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x86:*",
"cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x64:*"
],
"platforms": [
"ARM64-based Systems",
"32-bit Systems",
"x64-based Systems"
],
"versions": [
{
"version": "15.0.0.0",
"lessThan": "15.0.5553.1000",
"versionType": "custom",
"status": "affected"
},
{
"version": "15.0.0.0",
"lessThan": "15.0.5563.1000",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
mscve
mscve
Microsoft Excel Remote Code Execution Vulnerability
2023-05-09 07:00:00
nessus
nessus
Security Updates for Microsoft Excel Products C2R (May 2023)
2023-05-11 00:00:00
Security Updates for Microsoft Office Online Server (May 2023)
2023-05-09 00:00:00
Security Updates for Microsoft Excel Products (May 2023)
2023-05-09 00:00:00
cnvd
cnvd
Microsoft Excel Code Execution Vulnerability (CNVD-2023-80165)
2023-05-12 00:00:00
openvas
openvas
Microsoft Excel 2013 Service Pack 1 Remote Code Execution Vulnerability (KB5002384)
2023-05-10 00:00:00
Microsoft Excel 2016 Remote Code Execution Vulnerability (KB5002386)
2023-05-10 00:00:00
Microsoft Office 2019 Multiple RCE Vulnerabilities (May 2023) - Mac OS X
2023-05-15 00:00:00
cve
cve
CVE-2023-24953
2023-05-09 18:15:13
nvd
nvd
CVE-2023-24953
2023-05-09 18:15:13
mskb
mskb
prion
prion
Remote code execution
2023-05-09 18:15:00
kaspersky
kaspersky
KLA49155 Multiple vulnerabilities in Microsoft Office
2023-05-09 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - May 2023
2023-05-09 20:02:02
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
0.005 Low
EPSS
Percentile
76.9%
Related for CVELIST:CVE-2023-24953