VDB
CNVD-2024-10429
CNVD-2024-10429
PUBLISHED
CVSS 7.800000190734863 HIGH
Microsoft Office是微软公司开发的一套基于Windows操作系统的办公软件套装。 Microsoft Office存在远程代码执行漏洞,攻击者可利用该漏洞在系统上执行任意代码。
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft PowerPoint 2016 | 16.0.0 |
| Microsoft | Microsoft Visio 2016 | 16.0.1 |
| Microsoft | Microsoft Office LTSC 2021 | 16.0.1 |
| Microsoft | Skype for Business 2016 | 0 |
| microsoft | excel | 16.0.0.0 |
| Microsoft | Microsoft Office 2016 | 16.0.0 |
| Microsoft | Microsoft Excel 2016 | 16.0.0.0 |
| Microsoft | Microsoft Office 2019 | 19.0.0 |
| Microsoft | Microsoft Publisher 2016 | 16.0.0 |
| microsoft | publisher | 16.0.0 |
| microsoft | office | 19.0.0, 16.0.0 |
| microsoft | powerpoint | 16.0.0 |
| microsoft | skype_for_business | 0 |
| microsoft | visio | 16.0.1 |
| microsoft | office_long_term_servicing_channel | 16.0.1 |
| microsoft | word | 16.0.1 |
| Microsoft | Microsoft Word 2016 | 16.0.1 |
Exploit Intelligence
- CIRCL seen: CVE-2024-20673 (circl-sighting)
- CIRCL seen: CVE-2024-20673 (circl-sighting)
- Microsoft Office Remote Code Execution Vulnerability (circl)
Timeline
- Feb 13, 2024 CVE Published
- Feb 13, 2024 PoC Published
- Feb 23, 2024 CVE ID Reserved
- May 9, 2025 PoC Published
- Jun 14, 2026 Security Advisory
References
- Microsoft Office Remote Code Execution Vulnerability vendor-advisory