VDB
CNVD-2024-02716
CNVD-2024-02716
PUBLISHED
CVSS 7.800000190734863 HIGH
Microsoft Office是美国微软(Microsoft)公司的一款办公软件套件产品。该产品常用组件包括Word、Excel、Access、Powerpoint、FrontPage等。 Microsoft Office存在执行代码漏洞,攻击者可利用该漏洞在系统上执行任意代码。
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| microsoft | 365_apps | 16.0.1 |
| Microsoft | Microsoft Office 2019 | 19.0.0 |
| Microsoft | Microsoft Office LTSC for Mac 2021 | 16.0.1 |
| microsoft | office | 19.0.0 |
| microsoft | office_long_term_servicing_channel | 16.0.1, 16.0.1 |
| Microsoft | Microsoft Office LTSC 2021 | 16.0.1 |
| Microsoft | 3D Viewer | 7.0.0 |
| Microsoft | Microsoft 365 Apps for Enterprise | 16.0.1 |
| microsoft | 3d_viewer | 7.0.0 |
Exploit Intelligence
- CIRCL seen: CVE-2024-20677 (circl-sighting)
- CIRCL seen: CVE-2024-20677 (circl-sighting)
- Microsoft Office Remote Code Execution Vulnerability (circl)
Timeline
- Jan 9, 2024 CVE Published
- Jan 9, 2024 PoC Published
- Jan 10, 2024 PoC Published
- Jan 12, 2024 CVE ID Reserved
- Jun 14, 2026 Security Advisory
References
- Microsoft Office Remote Code Execution Vulnerability vendor-advisory