CVE-2023-33148
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2023-33148 is a newly disclosed vulnerability affecting Microsoft Office. This Elevation of Privilege (EoP) issue allows an attacker to potentially gain elevated access to a target system by manipulating specially crafted Microsoft Office files. Successful exploitation could enable the attacker to install programs, view, modify or delete data, or create new accounts with full user rights. This vulnerability poses a significant risk, especially for organizations with extensive use of Microsoft Office applications. It is recommended that users and administrators apply the Microsoft Office security update as soon as possible to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Microsoft Office
- Microsoft 365 Apps
- Microsoft Office 2019
- Microsoft Office 365
Affected Vendors
- Microsoft