7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
0.035 Low
EPSS
Percentile
91.6%
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code, obtain sensitive information.
Below is a complete list of vulnerabilities:
CVE-2020-1099 warning
CVE-2020-0901 critical
CVE-2020-1069 high
CVE-2020-1024 high
CVE-2020-1100 warning
CVE-2020-1101 warning
CVE-2020-1023 high
CVE-2020-1103 warning
CVE-2020-1102 high
CVE-2020-1105 warning
CVE-2020-1104 warning
CVE-2020-1107 warning
CVE-2020-1106 warning
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
support.microsoft.com/kb/4484332
support.microsoft.com/kb/4484336
support.microsoft.com/kb/4484338
support.microsoft.com/kb/4484352
support.microsoft.com/kb/4484364
support.microsoft.com/kb/4484365
support.microsoft.com/kb/4484383
support.microsoft.com/kb/4484384
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-0901
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1023
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1024
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1069
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1099
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1100
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1101
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1102
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1103
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1104
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1105
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1106
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1107
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-Excel/
threats.kaspersky.com/en/product/Microsoft-Office/
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
0.035 Low
EPSS
Percentile
91.6%