CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
85.9%
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface.
Below is a complete list of vulnerabilities:
CVE-2022-26806 critical
CVE-2022-26805 critical
CVE-2022-44693 critical
CVE-2022-47211 critical
CVE-2022-26804 critical
CVE-2022-44695 critical
CVE-2022-44694 critical
CVE-2022-44696 critical
CVE-2022-44690 critical
CVE-2022-44713 critical
CVE-2022-47212 critical
CVE-2022-44691 critical
CVE-2022-47213 critical
CVE-2022-44692 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
support.microsoft.com/kb/5002280
support.microsoft.com/kb/5002286
support.microsoft.com/kb/5002311
support.microsoft.com/kb/5002317
support.microsoft.com/kb/5002319
support.microsoft.com/kb/5002321
support.microsoft.com/kb/5002327
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26804
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26805
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26806
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44690
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44691
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44692
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44693
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44694
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44695
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44696
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44713
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-47211
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-47212
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-47213
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-SharePoint/