CVE-2023-36041

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 14, 2023

Updated: Jan 1, 2025

CWE ID 416

Summary

CVE-2023-36041 is a remote code execution vulnerability affecting Microsoft Excel. Maliciously crafted Excel files can exploit this issue, allowing an attacker to execute arbitrary code on the victim's system. Successful exploitation can lead to unauthorized system access, data theft, or further attacks. Users should update their Microsoft Office suite to the latest version to mitigate this risk. This vulnerability underscores the importance of secure file handling practices and keeping software up-to-date to protect against potential cyber threats.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Microsoft Office
Microsoft Office Long Term Servicing Channel
Microsoft Office Excel
Microsoft 365 Apps

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners