VDB
WID-SEC-W-2023-0391
WID-SEC-W-2023-0391
PUBLISHED
Die Microsoft Office Suite beinhaltet zahlreiche Büroanwendungen wie Textverarbeitung, Tabellenkalkulation, Datenbank und weitere Applikationen. Microsoft Sharepoint ist ein Portalsystem für die zentrale Verwaltung von Dokumenten und Anwendungen. Die Inhalte werden u. a. über Webseiten zur Verfügung gestellt.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft Office 2019 for Mac | ||
| Microsoft Office LTSC for Mac 2021 | ||
| Microsoft SharePoint Server 2019 | ||
| Microsoft Office for iOS | ||
| Microsoft 365 Apps | ||
| Microsoft Word 2013 SP1 | ||
| Microsoft Word 2013 RT SP1 | ||
| Microsoft Office for Universal | ||
| Microsoft Word 2016 | ||
| Microsoft SharePoint Foundation 2013 SP1 | ||
| Microsoft Office LTSC 2021 | ||
| Microsoft Office Web Apps Server 2013 SP1 | ||
| Microsoft OneNote for Android | ||
| Microsoft SharePoint Enterprise Server 2016 | ||
| Microsoft SharePoint Server Subscription Edition Language Pack | ||
| Microsoft SharePoint Server Subscription Edition | ||
| Microsoft SharePoint Enterprise Server 2013 SP1 | ||
| Microsoft Office for Android | ||
| Microsoft Office Online Server |
Exploit Intelligence
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0391.json (circl)
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0391 (circl)
- https://www.helpnetsecurity.com/2023/03/06/cve-2023-21716-poc/ (circl)
- https://msrc.microsoft.com/update-guide (circl)
- CVE_2023_21716.yar (github-yara)
- HUNT_RTF_CVE_2023_21716.yar (github-yara)
- HUNT_RTF_CVE_2023_21716.yar (github-yara)
- SECUINFRA_HUNT_RTF_CVE_2023_21716_Mar23.yar (github-yara)
- HUNT_RTF_CVE_2023_21716.yar (github-yara)
Timeline
- Feb 14, 2023 CVE Published
- Mar 6, 2023 CVE Updated
- Mar 7, 2023 PoC Published
- Mar 1, 2024 PoC Published
- Jul 14, 2024 PoC Published
- Feb 25, 2025 PoC Published
- Sep 30, 2025 PoC Published