virus logo Intrusion Prevention

MS.Office.CVE-2023-36413.Security.Feature.Bypass

description-logoDescription

This indicates an attack attempt to exploit a Security Feature Bypass Vulnerability in Microsoft Office.
This vulnerability is due to improper handling of filename characters. A remote attacker could exploit this vulnerability by enticing a target user to open a crafted file. Successful exploitation could result in the bypass of Protected View security feature and enabling macros.

affected-products-logoAffected Products

Microsoft Office 2019 for 32-bit editions
Microsoft Office 2019 for 64-bit editions
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Office 2016 (32-bit edition)
Microsoft Office 2016 (64-bit edition)

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36413

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2023-11-27 26.684
Modified
 Default_action:pass:drop
2023-11-14 26.677
New

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36413
ID 54319
Created Nov 14, 2023
Updated Nov 14, 2023
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Exploit Prediction Score 2.67%
Default Action drop
Active
Affected OS Windows
Affected App MS_Office
Profile Type Permission/Privilege/Access Control