CVE-2023-21715
unknown
KEV
CVSS v3
—
CVSS v2
—
VIR risk
1.5
Description
Microsoft Office Publisher contains a security feature bypass vulnerability that allows for a local, authenticated attack on a targeted system.
CISA KEV
- Vendor
- Microsoft
- Product
- Office
- Due date
- 2023-03-07
Predictions
Exploit likelihood
99%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cisa-kev — https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21715; https://nvd.nist.gov/vuln/detail/CVE-2023-21715
Exploits
References
Verify integrity in audit chain (admin only). AS-IS.