CVE-2023-35371

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 8, 2023

Updated: May 29, 2024

CWE ID 415

Summary

CVE-2023-35371 is a remote code execution vulnerability affecting Microsoft Office. Maliciously crafted Office files can manipulate the software to run arbitrary code on a victim's system, potentially leading to significant security risks. Exploitation of this vulnerability could result in unauthorized system access, data theft, or further malware infections. Microsoft strongly advises users to update their Office applications to the latest version, as patches have been released to address this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft Office
Microsoft 365 Apps
Microsoft Office 365

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rzlExP
https://www.cve.org/CVERecord?id=CVE-2023-35371
https://nvd.nist.gov/vuln/detail/CVE-2023-35371

Back to Vulnerability Database