VDB
CVE-2023-33160
CVE-2023-33160
PUBLISHED
In Microsoft 365 Apps, Microsoft Excel, Microsoft Office, Microsoft Office Online Server, Microsoft Outlook, Microsoft SharePoint und Microsoft Word existieren mehrere Schwachstellen. Diese werden von Microsoft nicht im Detail beschrieben. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen, Sicherheitsvorkehrungen zu umgehen oder Dateien zu manipulieren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich.
EPSS 12.37% · 94.0th percentile
Risk Scores
EPSS Score
12.37%
94.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft SharePoint Enterprise Server 2016 | |
| Microsoft | Microsoft Office 2013 Click-to-Run (C2R) | |
| Gentoo | Gentoo Linux | |
| Microsoft | Microsoft Office LTSC 2021 | |
| Microsoft | Microsoft Office Online Server | |
| Xerox | Xerox FreeFlow Print Server v9 | |
| Microsoft | Microsoft Excel 2013 RT SP1 | |
| Microsoft | Microsoft Word 2013 SP1 | |
| Xerox | Xerox FreeFlow Print Server v2 | |
| Microsoft | Microsoft SharePoint Server 2019 | |
| Microsoft | Microsoft Office LTSC for Mac 2021 | |
| Microsoft | Microsoft Outlook 2013 | |
| Microsoft | Microsoft Word 2016 | |
| Microsoft | Microsoft SharePoint Server Subscription Edition | |
| Microsoft | Microsoft Excel 2013 SP1 | |
| Microsoft | Microsoft Office for Universal | |
| Microsoft | Microsoft Office 2013 SP1 | |
| Xerox | Xerox FreeFlow Print Server v7 for Solaris | |
| Microsoft | Microsoft Office 2016 | |
| Microsoft | Microsoft Office 2019 |
…and 9 more
Exploit Intelligence
- CIRCL seen: CVE-2023-33160 (circl-sighting)
- CIRCL published-proof-of-concept: CVE-2023-33160 (circl-sighting)
- https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1 (msrc)
- CIRCL seen: CVE-2023-33160 (circl-sighting)
- Microsoft SharePoint Server Remote Code Execution Vulnerability (circl)
Timeline
- Jul 11, 2023 CVE Published
- Jul 12, 2023 EPSS Score
- Jul 12, 2023 PoC Published
- Jul 12, 2023 PoC Published
- Aug 23, 2023 PoC Published
- Sep 19, 2023 EPSS Score
- Oct 24, 2023 EPSS Score
- Jan 1, 2024 EPSS Score
- Mar 10, 2024 EPSS Score
- May 18, 2024 EPSS Score
- Jun 22, 2024 EPSS Score
- Aug 30, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1720.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1720 advisory
- https://msrc.microsoft.com/update-guide/de-DE/vulnerability/ADV230003 advisory
- https://msrc.microsoft.com/update-guide advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2031.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2031 advisory
- https://security.business.xerox.com/wp-content/uploads/2023/08/cert_XRX23-011_FFPSv7-S11_MediaInstall_Aug2023.pdf advisory
- https://security.business.xerox.com/wp-content/uploads/2023/08/cert_XRX23-012_FFPSv2_Win10_SecurityBulletin_Aug2023.pdf advisory
- https://securitydocs.business.xerox.com/wp-content/uploads/2023/08/Xerox-Security-Bulletin-XRX23-013-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf advisory
- https://alas.aws.amazon.com/AL2/ALAS-2023-2331.html advisory
- https://security.gentoo.org/glsa/202408-17 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2025-d2d3a5fa79 advisory