VDB
CVE-2023-21716
CVE-2023-21716
PUBLISHED
In verschiedenen Microsoft Office und SharePoint Produkten existieren mehrere Schwachstellen. Ein Angreifer kann dadurch seine Privilegien auf SYSTEM Rechte ausweiten, beliebigen Code zur Ausführung bringen, Sicherheitsmechanismen umgehen und Informationen offenlegen. Für die Ausnutzung einiger Schwachstellen ist eine Benutzeraktion erforderlich.
EPSS 91.42% · 99.7th percentile
Risk Scores
EPSS Score
91.42%
99.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft 365 Apps | |
| Microsoft | Microsoft Office for iOS | |
| Microsoft | Microsoft Office LTSC 2021 | |
| Microsoft | Microsoft SharePoint Server Subscription Edition | |
| Microsoft | Microsoft Office Online Server | |
| Microsoft | Microsoft Office 2019 for Mac | |
| Microsoft | Microsoft Office LTSC for Mac 2021 | |
| Microsoft | Microsoft SharePoint Server 2019 | |
| Microsoft | Microsoft SharePoint Enterprise Server 2013 SP1 | |
| Microsoft | Microsoft Word 2013 SP1 | |
| Microsoft | Microsoft Office Web Apps Server 2013 SP1 | |
| Microsoft | Microsoft Office for Universal | |
| Microsoft | Microsoft SharePoint Enterprise Server 2016 | |
| Microsoft | Microsoft OneNote for Android | |
| Microsoft | Microsoft SharePoint Foundation 2013 SP1 | |
| Microsoft | Microsoft Office for Android | |
| Microsoft | Microsoft Word 2016 | |
| Microsoft | Microsoft SharePoint Server Subscription Edition Language Pack | |
| Microsoft | Microsoft Word 2013 RT SP1 |
Exploit Intelligence
- CVE-2023-21716 - Microsoft Word RTF fonttbl Heap Corruption RCE exploit with reverse shell payload (github-poc-repo)
- CVE-2023-21716 - Microsoft Word RTF fonttbl Heap Corruption RCE exploit with reverse shell payload (github-poc-repo)
- CVE-2023-21716 - Microsoft Word RTF fonttbl Heap Corruption RCE exploit with reverse shell payload (github-poc-repo)
- CVE-2023-21716 - Microsoft Word RTF fonttbl Heap Corruption RCE exploit with reverse shell payload (github-poc-repo)
- CVE-2023-21716 - Microsoft Word RTF fonttbl Heap Corruption RCE exploit with reverse shell payload (github-poc-repo)
- CVE-2023-21716 - Microsoft Word RTF fonttbl Heap Corruption RCE exploit with reverse shell payload (github-poc-repo)
- CVE-2023-21716 - Microsoft Word RTF fonttbl Heap Corruption RCE exploit with reverse shell payload (github-poc-repo)
- CVE-2023-21716 - Microsoft Word RTF fonttbl Heap Corruption RCE exploit with reverse shell payload (github-poc-repo)
- CVE-2023-21716 - Microsoft Word RTF fonttbl Heap Corruption RCE exploit with reverse shell payload (github-poc-repo)
- CVE-2023-21716 - Microsoft Word RTF fonttbl Heap Corruption RCE exploit with reverse shell payload (github-poc)
…and 203 more exploits
Timeline
- Feb 14, 2023 CVE Published
- Feb 15, 2023 EPSS Score
- Mar 7, 2023 PoC Published
- Mar 18, 2023 EPSS Score
- Mar 27, 2023 EPSS Score
- Apr 21, 2023 EPSS Score
- May 8, 2023 EPSS Score
- May 19, 2023 EPSS Score
- Jul 8, 2023 EPSS Score
- Jul 24, 2023 EPSS Score
- Oct 11, 2023 EPSS Score
- Dec 29, 2023 EPSS Score