CVE-2023-36765
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2023-36765 is an elevation of privilege vulnerability affecting Microsoft Office. An attacker who successfully exploits this vulnerability can gain higher system privileges, potentially allowing them to install programs, view, change, or delete data, or create new accounts with administrative rights. This issue can be triggered through specially crafted Microsoft Office files, and it affects multiple versions of Microsoft Office, including Microsoft Office 365 and Microsoft Office 2016. It is important to note that Microsoft has released a security update to address this vulnerability, and users are encouraged to apply the patch as soon as possible to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Microsoft Office
Affected Vendors
- Microsoft
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions