Attacker Value
(1 user assessed)
(1 user assessed)
User Interaction
Privileges Required
Attack Vector


Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Add Assessment

Technical Analysis

Looks like this is your fairly typical maliciously crafted document exploit for Microsoft Office. These bugs are used all the time by APTs and other groups simply cause its relatively easy to convince people to open documents given the right context, and even though some people will be fairly vigilant, all it takes is compromising one user to get an initial foothold into a target network.

This bug appears to affect all Microsoft Office versions since 2013 up to and including the latest Microsoft Office online solutions and also including Microsoft Sharepoint Servers from 2013 onwards, meaning that it has quite a wide range of potential targets. User interaction is required though in the form of opening a malicious document,

Given the supposedly low complexity of exploiting this vulnerability combined with the wide range of target that it can exploit, I’d expect to see exploits for this vulnerability in the wild over the coming few months.

General Information


  • Microsoft


  • Microsoft SharePoint Enterprise Server,
  • Microsoft SharePoint Server,
  • Microsoft Office,
  • Microsoft Office Online Server,
  • Microsoft 365 Apps for Enterprise for 32-bit Systems,
  • Microsoft 365 Apps for Enterprise for 64-bit Systems,
  • Microsoft Office LTSC for Mac 2021,
  • Microsoft Office LTSC 2021 for 64-bit editions,
  • Microsoft Office LTSC 2021 for 32-bit editions,
  • Microsoft SharePoint Server Subscription Edition,
  • SharePoint Server Subscription Edition Language Pack,
  • Microsoft Excel,
  • Microsoft Office Web Apps,
  • Microsoft SharePoint Foundation

Additional Info

Technical Analysis