12 March 2024

Security I Trust

Helping you build Security and Trust

CVE-2023-36884 Office and Windows HTML Remote Code Execution Vulnerability

1 min read

CVE-2023-36884 Office and Windows HTML Remote Code Execution Vulnerability

Release Date: 11 July 2023

 

CVSS score (v3) 8.3
CVSS Score 8.1
Attack Vector Network
Complexity of an Attack High
User Privilege Requirement No
Is user Interaction required? Yes

 

What is the Impact if a system is compromised? Remote Code Execution

 

Impact to:

Confidentiality High
Integrity High
Availability High

 

Reports of this vulnerability being exploited Reports say this vulnerability is under active attack
Exploit Code Exploit code in the wild
Known Malware: No

 

Mitigation/Remediation Microsoft has released a patch