Attacker Value
High
(1 user assessed)
Exploitability
Moderate
(1 user assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
1

CVE-2022-21840
CVE-2022-21840
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Add Assessment

1
Ratings
  • Attacker Value
    High
  • Exploitability
    Medium
Common in enterpriseEasy to weaponizeUnauthenticatedVulnerable in default configurationRequires user interaction
Technical Analysis

Looks like this is your fairly typical maliciously crafted document exploit for Microsoft Office. These bugs are used all the time by APTs and other groups simply cause its relatively easy to convince people to open documents given the right context, and even though some people will be fairly vigilant, all it takes is compromising one user to get an initial foothold into a target network.

This bug appears to affect all Microsoft Office versions since 2013 up to and including the latest Microsoft Office online solutions and also including Microsoft Sharepoint Servers from 2013 onwards, meaning that it has quite a wide range of potential targets. User interaction is required though in the form of opening a malicious document,

Given the supposedly low complexity of exploiting this vulnerability combined with the wide range of target that it can exploit, I’d expect to see exploits for this vulnerability in the wild over the coming few months.

Log in to Add Reply

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft SharePoint Server 2019
Microsoft Office 2019 for 32-bit editions
Microsoft Office 2019 for 64-bit editions
Microsoft Office 2019 for Mac
Microsoft Office 2016 (32-bit edition)
Microsoft Office 2016 (64-bit edition)
Microsoft Office 2013 RT Service Pack 1
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Microsoft Office 2013 Service Pack 1 (64-bit editions)
Microsoft Office Online Server
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Office LTSC for Mac 2021
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft SharePoint Server Subscription Edition
SharePoint Server Subscription Edition Language Pack
Microsoft Excel 2016 (32-bit edition)
Microsoft Excel 2016 (64-bit edition)
Microsoft Excel 2013 RT Service Pack 1
Microsoft Excel 2013 Service Pack 1 (32-bit editions)
Microsoft Excel 2013 Service Pack 1 (64-bit editions)
Microsoft Office Web Apps Server 2013 Service Pack 1
Microsoft SharePoint Foundation 2013 Service Pack 1
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • Microsoft

Products

  • Microsoft SharePoint Enterprise Server,
  • Microsoft SharePoint Server,
  • Microsoft Office,
  • Microsoft Office Online Server,
  • Microsoft 365 Apps for Enterprise for 32-bit Systems,
  • Microsoft 365 Apps for Enterprise for 64-bit Systems,
  • Microsoft Office LTSC for Mac 2021,
  • Microsoft Office LTSC 2021 for 64-bit editions,
  • Microsoft Office LTSC 2021 for 32-bit editions,
  • Microsoft SharePoint Server Subscription Edition,
  • SharePoint Server Subscription Edition Language Pack,
  • Microsoft Excel,
  • Microsoft Office Web Apps,
  • Microsoft SharePoint Foundation

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis