High
CVE-2022-30174
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
CVE-2022-30174
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
Microsoft Office Remote Code Execution Vulnerability
Add Assessment
Ratings
-
Attacker ValueVery High
-
ExploitabilityVery High
Would you also like to delete your Exploited in the Wild Report?
Delete Assessment Only Delete Assessment and Exploited in the Wild ReportRatings
-
Attacker ValueMedium
-
ExploitabilityMedium
Technical Analysis
CVE-2022-30174
Description:
Microsoft Office Remote Code Execution Vulnerability.
This attack requires a specially crafted file to be placed either in an online directory or in a local network location.
When a victim runs this file, it loads the malicious DLL or EXE file.
WARNING:
Use your Windows Defender
turned
on
and update
him regularly!!!
Conclusion:
-
- So. I’ve decided to test this stupid and forever stupid thing MS Office 365 which is from 7 maybe 10 years just like that. Some things will never change.
- So. I’ve decided to test this stupid and forever stupid thing MS Office 365 which is from 7 maybe 10 years just like that. Some things will never change.
Tested on Windows 11.
365 don’t give a f*** what you give him to execute, it depends on the lure…
For the
usual users
: If you don’t have some virus protection software, you are lost…😯 😝 🤫 😛 😎STATUS: Medium vulnerability but it is there! Watch out, dear friends! 😎
Proof and Exploit:
Would you also like to delete your Exploited in the Wild Report?
Delete Assessment Only Delete Assessment and Exploited in the Wild ReportCVSS V3 Severity and Metrics
General Information
Vendors
- microsoft
Products
- 365 apps -,
- office long term servicing channel 2021
References
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
V