CVE-2023-36884

Windows Search Remote Code Execution Vulnerability
References
Link Resource
http://seclists.org/fulldisclosure/2023/Jul/43 - Broken Link, Mailing List, Third Party Advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884 - Patch, Vendor Advisory
Configurations

Configuration 1

OR
cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*
cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:x64:*
cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:x86:*
cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*

History

08 Aug 2023, 19:15

Type: Summary
Values Removed: Microsoft is investigating reports of a series of remote code execution vulnerabilities impacting Windows and Office products. Microsoft is aware of targeted attacks that attempt to exploit these vulnerabilities by using specially-crafted Microsoft Office documents. An attacker could create a specially crafted Microsoft Office document that enables them to perform remote code execution in the context of the victim. However, an attacker would have to convince the victim to open the malicious file. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This might include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs. Please see the Microsoft Threat Intelligence Blog Entry https://aka.ms/Storm-0978 for important information about steps you can take to protect your system from this vulnerability. This CVE will be updated with new information and links to security updates when they become available. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this CVE. See Microsoft Technical Security Notifications https://www.microsoft.com/en-us/msrc/technical-security-notifications .
Values Added: Windows Search Remote Code Execution Vulnerability

Type: CVSS
Values Removed: v2 : unknown, v3 : 8.3
Values Added: v2 : unknown, v3 : 7.5

01 Aug 2023, 02:15

Type: Summary
Values Removed: Microsoft is investigating reports of a series of remote code execution vulnerabilities impacting Windows and Office products. Microsoft is aware of targeted attacks that attempt to exploit these vulnerabilities by using specially-crafted Microsoft Office documents. An attacker could create a specially crafted Microsoft Office document that enables them to perform remote code execution in the context of the victim. However, an attacker would have to convince the victim to open the malicious file. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This might include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs. Please see the Microsoft Threat Intelligence Blog https://aka.ms/Storm-0978 Entry for important information about steps you can take to protect your system from this vulnerability. This CVE will be updated with new information and links to security updates when they become available.
Values Added: Microsoft is investigating reports of a series of remote code execution vulnerabilities impacting Windows and Office products. Microsoft is aware of targeted attacks that attempt to exploit these vulnerabilities by using specially-crafted Microsoft Office documents. An attacker could create a specially crafted Microsoft Office document that enables them to perform remote code execution in the context of the victim. However, an attacker would have to convince the victim to open the malicious file. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This might include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs. Please see the Microsoft Threat Intelligence Blog Entry https://aka.ms/Storm-0978 for important information about steps you can take to protect your system from this vulnerability. This CVE will be updated with new information and links to security updates when they become available. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this CVE. See Microsoft Technical Security Notifications https://www.microsoft.com/en-us/msrc/technical-security-notifications .

31 Jul 2023, 23:15

Type: CVSS
Values Removed: v2 : unknown, v3 : unknown
Values Added: v2 : unknown, v3 : 8.3

31 Jul 2023, 15:33

Type: References
Values Removed: (MISC) http://seclists.org/fulldisclosure/2023/Jul/43 - Broken Link
Values Added: (MISC) http://seclists.org/fulldisclosure/2023/Jul/43 - Broken Link, Mailing List, Third Party Advisory

Type: CVSS
Values Removed: v2 : unknown, v3 : unknown
Values Added: v2 : unknown, v3 : 0.0

28 Jul 2023, 18:22

Type: References
Values Removed: (MISC) http://seclists.org/fulldisclosure/2023/Jul/43 -
Values Added: (MISC) http://seclists.org/fulldisclosure/2023/Jul/43 - Broken Link

Type: CVSS
Values Removed: v2 : unknown, v3 : unknown
Values Added: v2 : unknown, v3 : 0.0

26 Jul 2023, 07:15

Type: References
Values Removed: (none)
Values Added: (MISC) http://seclists.org/fulldisclosure/2023/Jul/43 -

Type: CVSS
Values Removed: v2 : unknown, v3 : 8.8
Values Added: v2 : unknown, v3 : 0.0

17 Jul 2023, 19:21

Type: References
Values Removed: (MISC) https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884 -
Values Added: (MISC) https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884 - Patch, Vendor Advisory

Type: CVSS
Values Removed: v2 : unknown, v3 : unknown
Values Added: v2 : unknown, v3 : 8.8

Type: First Time
Values Removed: (none)
Values Added:
Microsoft office
Microsoft windows Server 2016
Microsoft
Microsoft windows 11
Microsoft windows Server 2008
Microsoft windows 10 1809
Microsoft windows Server 2022
Microsoft windows Server 2019
Microsoft word
Microsoft windows 10 1607
Microsoft windows Server 2012
Microsoft windows 10 22h2
Microsoft windows 10 21h2
Microsoft windows 10 1507
Microsoft windows 11 21h2

Type: CWE
Values Removed: (none)
Values Added: NVD-CWE-noinfo

Type: CPE
Values Removed: (none)
Values Added:
cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:x64:*
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:x86:*
cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:arm64:*
cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:arm64:*
cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x86:*
cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:arm64:*

12 Jul 2023, 12:46

Type: CVSS
Values Removed: v2 : unknown, v3 : unknown
Values Added: v2 : unknown, v3 : 0.0

11 Jul 2023, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-07-11 19:15

Updated : 2023-12-10 15:01


NVD link : CVE-2023-36884

Mitre link : CVE-2023-36884

CVE.ORG link : CVE-2023-36884



Products Affected

microsoft

  • windows_10_21h2
  • windows_10_1809
  • windows_10_1607
  • windows_server_2016
  • windows_11
  • office
  • windows_11_21h2
  • windows_10_1507
  • windows_server_2019
  • windows_server_2022
  • word
  • windows_server_2008
  • windows_server_2012
  • windows_10_22h2