CVE-2024-20677
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Jan 9, 2024
Updated: May 29, 2024
CWE ID 122
Summary
CVE-2024-20677 is a newly discovered vulnerability affecting FBX files in Microsoft Office. This issue could potentially enable remote code execution. In response, Microsoft has disabled the feature to insert FBX files in Word, Excel, PowerPoint, Outlook for Windows and Mac, affecting Office 2019, Office 2021, Office LTSC for Mac 2021, and Microsoft 365. Previously inserted 3D models from FBX files will continue to function, but the Link to File option is no longer supported. This change was implemented as part of the January 9, 2024 security update.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Microsoft Office
- Microsoft 365 Apps
- Microsoft Office 365
Affected Vendors
- Microsoft
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
Note: This is just a basic overview providing quick insights into CVE-2024-20677 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions