VDB

CVE-2023-21823

CVE-2023-21823 PUBLISHED KEV

In verschiedenen Microsoft Office und SharePoint Produkten existieren mehrere Schwachstellen. Ein Angreifer kann dadurch seine Privilegien auf SYSTEM Rechte ausweiten, beliebigen Code zur Ausführung bringen, Sicherheitsmechanismen umgehen und Informationen offenlegen. Für die Ausnutzung einiger Schwachstellen ist eine Benutzeraktion erforderlich.

EPSS 2.29% · 85.0th percentile

Risk Scores

EPSS Score
2.29%
85.0th percentile

Affected Products

VendorProductVersions
MicrosoftMicrosoft Office Web Apps Server 2013 SP1
MicrosoftMicrosoft OneNote for Android
MicrosoftMicrosoft SharePoint Enterprise Server 2016
MicrosoftMicrosoft SharePoint Server Subscription Edition Language Pack
MicrosoftMicrosoft Office LTSC for Mac 2021
MicrosoftMicrosoft Office Online Server
MicrosoftMicrosoft SharePoint Enterprise Server 2013 SP1
MicrosoftMicrosoft Office for Universal
MicrosoftMicrosoft Word 2013 SP1
MicrosoftMicrosoft SharePoint Server 2019
MicrosoftMicrosoft Word 2013 RT SP1
MicrosoftMicrosoft 365 Apps
MicrosoftMicrosoft Office for iOS
MicrosoftMicrosoft Office for Android
MicrosoftMicrosoft Office LTSC 2021
MicrosoftMicrosoft Office 2019 for Mac
MicrosoftMicrosoft Word 2016
MicrosoftMicrosoft SharePoint Foundation 2013 SP1
MicrosoftMicrosoft SharePoint Server Subscription Edition

Exploit Intelligence

…and 72 more exploits

Timeline

  • Feb 14, 2023 CISA KEV Added
  • Feb 14, 2023 PoC Published
  • Feb 14, 2023 CVE Published
  • Feb 15, 2023 EPSS Score
  • Feb 15, 2023 PoC Published
  • Mar 7, 2023 EPSS Score
  • Mar 7, 2023 PoC Published
  • Mar 26, 2023 EPSS Score
  • Apr 21, 2023 EPSS Score
  • May 19, 2023 EPSS Score
  • Jun 14, 2023 PoC Published
  • Jun 19, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›