CVE-2023-33148

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jul 11, 2023
Updated: Jan 1, 2025
CWE ID 59

Summary

CVE-2023-33148 is a newly disclosed vulnerability affecting Microsoft Office. This Elevation of Privilege (EoP) issue allows an attacker to potentially gain elevated access to a target system by manipulating specially crafted Microsoft Office files. Successful exploitation could enable the attacker to install programs, view, modify or delete data, or create new accounts with full user rights. This vulnerability poses a significant risk, especially for organizations with extensive use of Microsoft Office applications. It is recommended that users and administrators apply the Microsoft Office security update as soon as possible to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Office
  • Microsoft 365 Apps
  • Microsoft Office 2019
  • Microsoft Office 365

Affected Vendors

  • Microsoft