CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
97.6%
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, bypass security restrictions, obtain sensitive information.
Below is a complete list of vulnerabilities:
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2021-34452 critical
CVE-2021-34520 critical
CVE-2021-34451 high
CVE-2021-34467 high
CVE-2021-34469 critical
CVE-2021-34517 high
CVE-2021-34468 high
CVE-2021-34519 high
CVE-2021-34518 critical
CVE-2021-34501 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
support.microsoft.com/kb/5001949
support.microsoft.com/kb/5001973
support.microsoft.com/kb/5001975
support.microsoft.com/kb/5001976
support.microsoft.com/kb/5001977
support.microsoft.com/kb/5001979
support.microsoft.com/kb/5001981
support.microsoft.com/kb/5001983
support.microsoft.com/kb/5001984
support.microsoft.com/kb/5001986
support.microsoft.com/kb/5001992
support.microsoft.com/kb/5001993
support.microsoft.com/kb/5001996
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34451
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34452
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34467
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34468
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34469
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34501
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34517
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34518
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34519
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34520
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Excel/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-Word/
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
97.6%