Excel Services
CVE-2021-1714
HIGH
Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from Vendor (microsoft) · only source for this CVE.
CVSS VectorVendor: microsoft
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
Microsoft Excel Remote Code Execution Vulnerability
AnalysisAI
Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
Affected products include: Microsoft Excel Services, Microsoft 365 Apps, Microsoft Excel, Microsoft Office, Microsoft Office Online Server.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Excel Services
View allA remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle obje
A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted emb
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka
Share
External POC / Exploit Code
Leaving vuln.today