6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.6 High
AI Score
Confidence
High
0.236 Low
EPSS
Percentile
96.6%
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, spoof user interface, obtain sensitive information.
Below is a complete list of vulnerabilities:
CVE-2021-42293 high
CVE-2021-43875 critical
CVE-2021-43255 high
CVE-2021-42320 high
CVE-2021-42294 high
CVE-2021-42309 critical
CVE-2021-42295 high
CVE-2021-43242 high
CVE-2021-43256 critical
CVE-2021-43876 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
support.microsoft.com/kb/4486726
support.microsoft.com/kb/4504710
support.microsoft.com/kb/4504745
support.microsoft.com/kb/5002008
support.microsoft.com/kb/5002015
support.microsoft.com/kb/5002033
support.microsoft.com/kb/5002045
support.microsoft.com/kb/5002047
support.microsoft.com/kb/5002054
support.microsoft.com/kb/5002055
support.microsoft.com/kb/5002059
support.microsoft.com/kb/5002061
support.microsoft.com/kb/5002071
support.microsoft.com/kb/5002097
support.microsoft.com/kb/5002098
support.microsoft.com/kb/5002099
support.microsoft.com/kb/5002101
support.microsoft.com/kb/5002103
support.microsoft.com/kb/5002104
support.microsoft.com/kb/5002105
nvd.nist.gov/vuln/detail/CVE-2021-42293
nvd.nist.gov/vuln/detail/CVE-2021-42294
nvd.nist.gov/vuln/detail/CVE-2021-42295
nvd.nist.gov/vuln/detail/CVE-2021-42309
nvd.nist.gov/vuln/detail/CVE-2021-42320
nvd.nist.gov/vuln/detail/CVE-2021-43242
nvd.nist.gov/vuln/detail/CVE-2021-43255
nvd.nist.gov/vuln/detail/CVE-2021-43256
nvd.nist.gov/vuln/detail/CVE-2021-43875
nvd.nist.gov/vuln/detail/CVE-2021-43876
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-Excel/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-SharePoint/
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.6 High
AI Score
Confidence
High
0.236 Low
EPSS
Percentile
96.6%