CVE-2024-43600
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2024-43600 is an elevation of privilege vulnerability affecting Microsoft Office. Hackers can exploit this flaw to gain elevated permissions on a victim's system, potentially allowing them to install malware or steal sensitive information. This vulnerability exists due to a flaw in the way Microsoft Office handles certain file formats. Successful exploitation requires user interaction, such as opening a specially crafted file. Microsoft has released a patch to address this issue, and users are strongly encouraged to apply it as soon as possible. Failure to do so may leave systems vulnerable to attack.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Microsoft Office
Affected Vendors
- Microsoft