CVE-2021-34501

MSR

High

Microsoft Excel Remote Code Execution Vulnerability

CVSS

8.8

High

EPSS

0.53

p98

Published

2021-01-01

Updated

2021-01-01

Description

Microsoft Excel Remote Code Execution Vulnerability

Tags · CWE

Pre-auth

Affected products

365_appsExcelOfficeOffice_online_server

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Timeline

2021-01-01

Published

2021-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: N

Network (N)

Attack Complexity

AC: L

Low (L)

Privileges Required

PR: N

None (N)

User Interaction

UI: R

Required (R)

Scope

S: U

Unchanged (U)

Confidentiality Impact

C: H

High (H)

Integrity Impact

I: H

High (H)

Availability Impact

A: H

High (H)

Exploit indicators

EPSS

0.532 · p98

Known exploited (KEV)

Known exploits — Сканер-ВС

No Сканер-ВС checks registered for this vulnerability yet.

Affected products

Microsoft

Windows Office 365 Apps Excel Office Online Server

Product	Vendor	Status
365_apps	*	Tracked
excel	*	Tracked
office	*	Tracked
office_online_server	*	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked
Windows	Microsoft	Tracked

Showing first 20 of 107

Source databases

MSR

CVE

Related vulnerabilities

BDU:2022-02742