Attacker Value
Very High
(1 user assessed)
Exploitability
Moderate
(1 user assessed)
User Interaction
Required
Privileges Required
None
Attack Vector
Local
3

CVE-2022-29110

Disclosure Date: May 10, 2022
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Execution
Techniques
Validation
Validated

Description

Microsoft Excel Remote Code Execution Vulnerability

Add Assessment

0
Ratings
  • Attacker Value
    Very High
  • Exploitability
    Medium
Technical Analysis

CVE-2022-29110

Description:

The Microsoft 365 version 2204-Build-15128.20178 is vulnerable to RCE.
The malicious attacker can share a malicious .docm file in some of the internal or external networks by using an FTP malicious server and he can infect all computers in this network. The infected user can visit a very dangerous website and when he clicks it he can execute a bunch of javascript malicious codes or can execute a dangerous local code! Also, the malicious author can use a USB flash memory to infect every computer by using Microsoft 365 software.

Known Affected Software

Vendor 	Product 	Version
Microsoft 	Microsoft_Excel	2016 (32-bit edition)
Microsoft 	Microsoft_Excel	2016 (64-bit edition)
Microsoft 	Microsoft_Excel	2013 RT Service Pack 1
Microsoft 	Microsoft_Excel	2013 Service Pack 1 (32-bit editions)
Microsoft 	Microsoft_Excel	2013 Service Pack 1 (64-bit editions)
Microsoft 	Microsoft_Office_Web_Apps	Server 2013 Service Pack 1

Reproduce:

href

Proof and Exploit

href

CVSS V3 Severity and Metrics
Base Score:
7.8 High
Impact Score:
5.9
Exploitability Score:
1.8
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector (AV):
Local
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
Required
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High

General Information

Vendors

  • microsoft

Products

  • excel 2013,
  • excel 2016,
  • office web apps server 2013

Additional Info

Technical Analysis