CVE Number | Vulnerability | Product | Severity | Date |
---|---|---|---|---|
CVE-2022-21840 | Microsoft Office Remote Code Execution Vulnerability | Microsoft SharePoint Enterprise Server 2016 | Critical | 17-01-2022 |
Technical Information
Brief overview of the risk:
A Remote Code Execution vulnerability in Microsoft Office which has been marked as ‘Exploitation less Likely’ by Microsoft. User interaction is required to exploit this vulnerability. An attacker can exploit this vulnerability by making users open a specially crafted file or a website.
Further information on this vulnerability is available at : CVE-2022-21840
Affected Software
Microsoft SharePoint Enterprise Server 2016Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft SharePoint Server 2019
Microsoft Office 2019 for 32-bit editions
Microsoft Office 2019 for 64-bit editions
Microsoft Office 2019 for Mac
Microsoft Office Online Server
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Office LTSC for Mac 2021
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft SharePoint Server Subscription Edition
SharePoint Server Subscription Edition Language Pack
Microsoft Excel 2016 (32-bit edition)
Microsoft Excel 2016 (64-bit edition)
Microsoft Office 2016 (32-bit edition)
Microsoft Office 2016 (64-bit edition)
Microsoft Excel 2013 RT Service Pack 1
Microsoft Excel 2013 Service Pack 1 (32-bit editions)
Microsoft Excel 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2013 RT Service Pack 1
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Microsoft Office 2013 Service Pack 1 (64-bit editions)
Microsoft Office Web Apps Server 2013 Service Pack 1
Microsoft SharePoint Foundation 2013 Service Pack 1