CVE-2023-36765

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Sep 12, 2023
Updated: Sep 14, 2023

Summary

CVE-2023-36765 is an elevation of privilege vulnerability affecting Microsoft Office. An attacker who successfully exploits this vulnerability can gain higher system privileges, potentially allowing them to install programs, view, change, or delete data, or create new accounts with administrative rights. This issue can be triggered through specially crafted Microsoft Office files, and it affects multiple versions of Microsoft Office, including Microsoft Office 365 and Microsoft Office 2016. It is important to note that Microsoft has released a security update to address this vulnerability, and users are encouraged to apply the patch as soon as possible to mitigate the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Office

Affected Vendors

  • Microsoft

Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2023-36765 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
  • Gain complete coverage of your cyber, third party, and physical attack surface
  • Proactively mitigate threats before they turn into costly attacks
  • Make fast, effective, data-driven decisions