6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.7 High
AI Score
Confidence
Low
0.183 Low
EPSS
Percentile
96.2%
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface.
Below is a complete list of vulnerabilities:
CVE-2021-38660 unknown
CVE-2021-38654 unknown
CVE-2021-38655 unknown
CVE-2021-38656 unknown
CVE-2021-38659 unknown
CVE-2021-38653 unknown
CVE-2021-38658 unknown
CVE-2021-38651 unknown
CVE-2021-38646 unknown
CVE-2021-38652 unknown
CVE-2021-38650 unknown
CVE-2021-38657 unknown
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
support.microsoft.com/kb/4484103
support.microsoft.com/kb/4484108
support.microsoft.com/kb/5001958
support.microsoft.com/kb/5001997
support.microsoft.com/kb/5001999
support.microsoft.com/kb/5002003
support.microsoft.com/kb/5002005
support.microsoft.com/kb/5002007
support.microsoft.com/kb/5002009
support.microsoft.com/kb/5002014
support.microsoft.com/kb/5002018
support.microsoft.com/kb/5002020
support.microsoft.com/kb/5002024
nvd.nist.gov/vuln/detail/CVE-2021-38646
nvd.nist.gov/vuln/detail/CVE-2021-38650
nvd.nist.gov/vuln/detail/CVE-2021-38651
nvd.nist.gov/vuln/detail/CVE-2021-38652
nvd.nist.gov/vuln/detail/CVE-2021-38653
nvd.nist.gov/vuln/detail/CVE-2021-38654
nvd.nist.gov/vuln/detail/CVE-2021-38655
nvd.nist.gov/vuln/detail/CVE-2021-38656
nvd.nist.gov/vuln/detail/CVE-2021-38657
nvd.nist.gov/vuln/detail/CVE-2021-38658
nvd.nist.gov/vuln/detail/CVE-2021-38659
nvd.nist.gov/vuln/detail/CVE-2021-38660
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-Excel/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-Sharepoint-Server/
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.7 High
AI Score
Confidence
Low
0.183 Low
EPSS
Percentile
96.2%