6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
0.154 Low
EPSS
Percentile
95.9%
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service.
Below is a complete list of vulnerabilities:
CVE-2021-28454 critical
CVE-2021-28449 critical
CVE-2021-28456 high
CVE-2021-28451 critical
CVE-2021-28453 critical
CVE-2021-28450 warning
CVE-2021-28452 high
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
support.microsoft.com/kb/2553491
support.microsoft.com/kb/2589361
support.microsoft.com/kb/3017810
support.microsoft.com/kb/3178639
support.microsoft.com/kb/3178643
support.microsoft.com/kb/4493170
support.microsoft.com/kb/4493185
support.microsoft.com/kb/4493198
support.microsoft.com/kb/4493201
support.microsoft.com/kb/4493208
support.microsoft.com/kb/4493215
support.microsoft.com/kb/4493218
support.microsoft.com/kb/4504701
support.microsoft.com/kb/4504705
support.microsoft.com/kb/4504709
support.microsoft.com/kb/4504712
support.microsoft.com/kb/4504714
support.microsoft.com/kb/4504715
support.microsoft.com/kb/4504716
support.microsoft.com/kb/4504719
support.microsoft.com/kb/4504721
support.microsoft.com/kb/4504722
support.microsoft.com/kb/4504723
support.microsoft.com/kb/4504724
support.microsoft.com/kb/4504726
support.microsoft.com/kb/4504727
support.microsoft.com/kb/4504729
support.microsoft.com/kb/4504733
support.microsoft.com/kb/4504735
support.microsoft.com/kb/4504738
support.microsoft.com/kb/4504739
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28449
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28450
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28451
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28452
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28453
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28454
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28456
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-Excel/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-Outlook/
threats.kaspersky.com/en/product/Microsoft-Word/
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
0.154 Low
EPSS
Percentile
95.9%