Kaspersky LabKLA52323KLA52323 Multiple vulnerabilities in Microsoft Office
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
20.6%
A spoofing vulnerability was found in Microsoft Office. Malicious users can exploit this vulnerability to spoof user interface.
Original advisories
Related products
CVE list
CVE-2023-36769 unknown
KB list
Solution
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update component usually can be accessed from the Control Panel) and updates from the Update Options section, that are listed in your Office Account (Office Account tab usually can be accessed from the File menu)
Impacts
- SUI
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
Affected Products
- Microsoft OneNote 2016 (64-bit edition)Microsoft Office 2019 for 64-bit editionsMicrosoft OneNote 2013 Service Pack 1 (64-bit editions)Microsoft Office LTSC 2021 for 64-bit editionsMicrosoft OneNote 2013 RT Service Pack 1Microsoft Office 2019 for 32-bit editionsMicrosoft OneNote 2013 Service Pack 1 (32-bit editions)Microsoft OneNote 2016 (32-bit edition)Microsoft Office LTSC 2021 for 32-bit editions
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
20.6%