Very High
CVE-2022-29110
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
Very High
(1 user assessed)Moderate
(1 user assessed)Unknown
Unknown
Unknown
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
Microsoft Excel Remote Code Execution Vulnerability
Add Assessment
Ratings
-
Attacker ValueVery High
-
ExploitabilityMedium
Technical Analysis
CVE-2022-29110
Description:
The Microsoft 365 version 2204-Build-15128.20178 is vulnerable to RCE.
The malicious attacker can share a malicious .docm file in some of the internal or external networks by using an FTP malicious server and he can infect all computers in this network. The infected user can visit a very dangerous website and when he clicks it he can execute a bunch of javascript malicious codes or can execute a dangerous local code! Also, the malicious author can use a USB flash memory to infect every computer by using Microsoft 365 software.
Known Affected Software
Vendor Product Version Microsoft Microsoft_Excel 2016 (32-bit edition) Microsoft Microsoft_Excel 2016 (64-bit edition) Microsoft Microsoft_Excel 2013 RT Service Pack 1 Microsoft Microsoft_Excel 2013 Service Pack 1 (32-bit editions) Microsoft Microsoft_Excel 2013 Service Pack 1 (64-bit editions) Microsoft Microsoft_Office_Web_Apps Server 2013 Service Pack 1
Reproduce:
Proof and Exploit
Would you also like to delete your Exploited in the Wild Report?
Delete Assessment Only Delete Assessment and Exploited in the Wild ReportCVSS V3 Severity and Metrics
General Information
Vendors
- microsoft
Products
- excel 2013,
- excel 2016,
- office web apps server 2013
References
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below: