CVE-2023-31275

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 27, 2023

Updated: Dec 1, 2023

CWE ID 908

CWE ID 457

Summary

CVE-2023-31275 is a newly identified vulnerability affecting WPS Office 11.2.0.11537. This issue involves an uninitialized pointer use in the handling of Data elements within Excel files. A maliciously crafted file can exploit this weakness, resulting in remote code execution. An attacker can leverage this vulnerability by supplying a specially crafted Excel file to unsuspecting users, potentially leading to significant security risks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Kingsoft Corporation Limited

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tlZ1u4
https://www.cve.org/CVERecord?id=CVE-2023-31275
https://nvd.nist.gov/vuln/detail/CVE-2023-31275

Back to Vulnerability Database

CVE-2023-31275

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations