Search

Find a vulnerability

Search criteria

    22 vulnerabilities found for Microsoft Visio 2016 by Microsoft

    CVE-2024-38016 (GCVE-0-2024-38016)

    Vulnerability from nvd – Published: 2024-09-19 17:09 – Updated: 2024-12-31 23:03
    VLAI
    Title
    Microsoft Office Visio Remote Code Execution Vulnerability
    Summary
    Microsoft Office Visio Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2016 Affected: 16.0.1 , < 16.0.5465.1001 (custom)
    Create a notification for this product.
    Date Public
    2024-09-19 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-38016",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-19T17:43:02.481800Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-19T17:45:46.902Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Office LTSC 2021",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft 365 Apps for Enterprise",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "19.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Visio 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5465.1001",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "19.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "16.0.5465.1001",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2024-09-19T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Office Visio Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284: Improper Access Control",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-31T23:03:27.978Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38016"
            }
          ],
          "title": "Microsoft Office Visio Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2024-38016",
        "datePublished": "2024-09-19T17:09:59.949Z",
        "dateReserved": "2024-06-11T18:18:00.678Z",
        "dateUpdated": "2024-12-31T23:03:27.978Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-43463 (GCVE-0-2024-43463)

    Vulnerability from nvd – Published: 2024-09-10 16:53 – Updated: 2024-12-31 23:02
    VLAI
    Title
    Microsoft Office Visio Remote Code Execution Vulnerability
    Summary
    Microsoft Office Visio Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2016 Affected: 16.0.1 , < 16.0.5465.1001 (custom)
    Create a notification for this product.
    Date Public
    2024-09-10 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-43463",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T18:52:38.273331Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T18:53:41.566Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Office 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "19.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft 365 Apps for Enterprise",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office LTSC 2021",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5465.1001",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "19.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "16.0.5465.1001",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2024-09-10T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Office Visio Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416: Use After Free",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-31T23:02:56.552Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43463"
            }
          ],
          "title": "Microsoft Office Visio Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2024-43463",
        "datePublished": "2024-09-10T16:53:49.777Z",
        "dateReserved": "2024-08-14T01:08:33.516Z",
        "dateUpdated": "2024-12-31T23:02:56.552Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20673 (GCVE-0-2024-20673)

    Vulnerability from nvd – Published: 2024-02-13 18:02 – Updated: 2025-05-09 18:19
    VLAI
    Title
    Microsoft Office Remote Code Execution Vulnerability
    Summary
    Microsoft Office Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-693 - Protection Mechanism Failure
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Excel 2016 Affected: 16.0.0.0 , < 16.0.5435.1000 (custom)
    Create a notification for this product.
    Microsoft Microsoft Office 2016 Affected: 16.0.0 , < 16.0.5435.1001 (custom)
    Create a notification for this product.
    Microsoft Microsoft PowerPoint 2016 Affected: 16.0.0 , < 16.0.5435.1000 (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2016 Affected: 16.0.1 , < 16.0.5435.1000 (custom)
    Create a notification for this product.
    Microsoft Microsoft Word 2016 Affected: 16.0.1 , < 16.0.5435.1000 (custom)
    Create a notification for this product.
    Microsoft Microsoft Publisher 2016 Affected: 16.0.0 , < 16.0.5435.1000 (custom)
    Create a notification for this product.
    Microsoft Skype for Business 2016 Affected: 0 , < 16.0.5435.1000 (custom)
    Create a notification for this product.
    Date Public
    2024-02-13 08:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:59:42.338Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Office Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20673"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20673",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-16T19:36:28.789462Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-09T18:19:21.102Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Office 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "19.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office LTSC 2021",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Excel 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5435.1000",
                  "status": "affected",
                  "version": "16.0.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Office 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5435.1001",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft PowerPoint 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5435.1000",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5435.1000",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Word 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5435.1000",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Publisher 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5435.1000",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Skype for Business 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5435.1000",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "19.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:excel:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "16.0.5435.1000",
                      "versionStartIncluding": "16.0.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "16.0.5435.1001",
                      "versionStartIncluding": "16.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:powerpoint:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "16.0.5435.1000",
                      "versionStartIncluding": "16.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "16.0.5435.1000",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:word:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "16.0.5435.1000",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:publisher:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "16.0.5435.1000",
                      "versionStartIncluding": "16.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:skype_for_business:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "16.0.5435.1000",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2024-02-13T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Office Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-693",
                  "description": "CWE-693: Protection Mechanism Failure",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-03T01:37:00.336Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Office Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20673"
            }
          ],
          "title": "Microsoft Office Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2024-20673",
        "datePublished": "2024-02-13T18:02:25.889Z",
        "dateReserved": "2023-11-28T22:58:12.117Z",
        "dateUpdated": "2025-05-09T18:19:21.102Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36866 (GCVE-0-2023-36866)

    Vulnerability from nvd – Published: 2023-08-08 17:08 – Updated: 2025-02-27 21:08
    VLAI
    Title
    Microsoft Office Visio Remote Code Execution Vulnerability
    Summary
    Microsoft Office Visio Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2016 Affected: 16.0.1 , < 5439.1000 (custom)
    Create a notification for this product.
    Date Public
    2023-08-08 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:01:09.869Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36866"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36866",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:53:53.631558Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T21:08:59.504Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Office LTSC 2021",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft 365 Apps for Enterprise",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "19.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Visio 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "5439.1000",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "19.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5439.1000",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-08-08T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Office Visio Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190: Integer Overflow or Wraparound",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-01T01:58:35.518Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36866"
            }
          ],
          "title": "Microsoft Office Visio Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36866",
        "datePublished": "2023-08-08T17:08:19.389Z",
        "dateReserved": "2023-06-27T20:26:38.144Z",
        "dateUpdated": "2025-02-27T21:08:59.504Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-35372 (GCVE-0-2023-35372)

    Vulnerability from nvd – Published: 2023-08-08 17:08 – Updated: 2025-02-27 21:07
    VLAI
    Title
    Microsoft Office Visio Remote Code Execution Vulnerability
    Summary
    Microsoft Office Visio Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2016 Affected: 16.0.1 , < 5439.1000 (custom)
    Create a notification for this product.
    Date Public
    2023-08-08 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:23:59.717Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35372"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-35372",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:53:41.384018Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T21:07:03.510Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office LTSC 2021",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft 365 Apps for Enterprise",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "19.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Visio 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "5439.1000",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "19.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5439.1000",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-08-08T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Office Visio Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190: Integer Overflow or Wraparound",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-01T01:59:04.579Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35372"
            }
          ],
          "title": "Microsoft Office Visio Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-35372",
        "datePublished": "2023-08-08T17:08:47.346Z",
        "dateReserved": "2023-06-14T23:09:47.636Z",
        "dateUpdated": "2025-02-27T21:07:03.510Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-21741 (GCVE-0-2023-21741)

    Vulnerability from nvd – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:35
    VLAI
    Title
    Microsoft Office Visio Information Disclosure Vulnerability
    Summary
    Microsoft Office Visio Information Disclosure Vulnerability
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2013 Service Pack 1 Affected: 15.0.1 , < 15.0.5519.1000 (custom)
    Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2016 Affected: 16.0.1 , < 16.0.5378.1000 (custom)
    Create a notification for this product.
    Date Public
    2023-01-10 08:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:51:49.374Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Office Visio Information Disclosure Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21741"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office LTSC 2021",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.5519.1000",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.5519.1000",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft 365 Apps for Enterprise",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "19.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Visio 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5378.1000",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
                      "versionEndExcluding": "15.0.5519.1000",
                      "versionStartIncluding": "15.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
                      "versionEndExcluding": "15.0.5519.1000",
                      "versionStartIncluding": "15.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "19.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "16.0.5378.1000",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-01-10T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Office Visio Information Disclosure Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125: Out-of-bounds Read",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-01T00:35:55.873Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Office Visio Information Disclosure Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21741"
            }
          ],
          "title": "Microsoft Office Visio Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-21741",
        "datePublished": "2023-01-10T00:00:00.000Z",
        "dateReserved": "2022-12-13T00:00:00.000Z",
        "dateUpdated": "2025-01-01T00:35:55.873Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-21737 (GCVE-0-2023-21737)

    Vulnerability from nvd – Published: 2023-01-10 00:00 – Updated: 2025-02-28 21:14
    VLAI
    Title
    Microsoft Office Visio Remote Code Execution Vulnerability
    Summary
    Microsoft Office Visio Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2013 Service Pack 1 Affected: 15.0.1 , < 15.0.5519.1000 (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2016 Affected: 16.0.1 , < 16.0.5378.1000 (custom)
    Create a notification for this product.
    Date Public
    2023-01-10 08:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:51:50.151Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21737"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-21737",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-28T20:23:40.249101Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-28T21:14:56.205Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Office 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "19.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft 365 Apps for Enterprise",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office LTSC 2021",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.5519.1000",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.5519.1000",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5378.1000",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "19.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
                      "versionEndExcluding": "15.0.5519.1000",
                      "versionStartIncluding": "15.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
                      "versionEndExcluding": "15.0.5519.1000",
                      "versionStartIncluding": "15.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "16.0.5378.1000",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-01-10T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Office Visio Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122: Heap-based Buffer Overflow",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-01T00:35:54.298Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21737"
            }
          ],
          "title": "Microsoft Office Visio Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-21737",
        "datePublished": "2023-01-10T00:00:00.000Z",
        "dateReserved": "2022-12-13T00:00:00.000Z",
        "dateUpdated": "2025-02-28T21:14:56.205Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-21736 (GCVE-0-2023-21736)

    Vulnerability from nvd – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:35
    VLAI
    Title
    Microsoft Office Visio Remote Code Execution Vulnerability
    Summary
    Microsoft Office Visio Remote Code Execution Vulnerability
    CWE
    • CWE-681 - Incorrect Conversion between Numeric Types
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2013 Service Pack 1 Affected: 15.0.1 , < 15.0.5519.1000 (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2016 Affected: 16.0.1 , < 16.0.5378.1000 (custom)
    Create a notification for this product.
    Date Public
    2023-01-10 08:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:51:49.401Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21736"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Office 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "19.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft 365 Apps for Enterprise",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office LTSC 2021",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.5519.1000",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.5519.1000",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5378.1000",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "19.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
                      "versionEndExcluding": "15.0.5519.1000",
                      "versionStartIncluding": "15.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
                      "versionEndExcluding": "15.0.5519.1000",
                      "versionStartIncluding": "15.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "16.0.5378.1000",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-01-10T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Office Visio Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-681",
                  "description": "CWE-681: Incorrect Conversion between Numeric Types",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-01T00:35:53.734Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21736"
            }
          ],
          "title": "Microsoft Office Visio Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-21736",
        "datePublished": "2023-01-10T00:00:00.000Z",
        "dateReserved": "2022-12-13T00:00:00.000Z",
        "dateUpdated": "2025-01-01T00:35:53.734Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-44695 (GCVE-0-2022-44695)

    Vulnerability from nvd – Published: 2022-12-13 00:00 – Updated: 2025-07-22 17:49
    VLAI
    Title
    Microsoft Office Visio Remote Code Execution Vulnerability
    Summary
    Microsoft Office Visio Remote Code Execution Vulnerability
    CWE
    • Remote Code Execution
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2013 Service Pack 1 Affected: 15.0.1 , < 5511.1000 (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2016 Affected: 16.0.1 , < 5374.1000 (custom)
    Create a notification for this product.
    Date Public
    2022-12-13 08:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T13:54:04.095Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44695"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Office 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "19.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft 365 Apps for Enterprise",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office LTSC 2021",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "5511.1000",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "5511.1000",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "5374.1000",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:office_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "19.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:office_2021:*:*:*:*:long_term_servicing_channel:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio_2013:*:sp1:*:*:*:*:*:*",
                      "versionEndExcluding": "5511.1000",
                      "versionStartIncluding": "15.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio_2013:*:sp1:*:*:*:*:*:*",
                      "versionEndExcluding": "5511.1000",
                      "versionStartIncluding": "15.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5374.1000",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2022-12-13T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Office Visio Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-22T17:49:42.789Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44695"
            }
          ],
          "title": "Microsoft Office Visio Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2022-44695",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-11-03T00:00:00.000Z",
        "dateUpdated": "2025-07-22T17:49:42.789Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-38010 (GCVE-0-2022-38010)

    Vulnerability from nvd – Published: 2022-09-13 18:42 – Updated: 2025-03-11 16:10
    VLAI
    Title
    Microsoft Office Visio Remote Code Execution Vulnerability
    Summary
    Microsoft Office Visio Remote Code Execution Vulnerability
    CWE
    • Remote Code Execution
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2013 Service Pack 1 Affected: 15.0.1 , < 15.0.5485.1001 (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2016 Affected: 16.0.1 , < 16.0.5361.1002 (custom)
    Create a notification for this product.
    Date Public
    2022-09-13 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T10:37:42.623Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38010"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Office 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "19.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft 365 Apps for Enterprise",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office LTSC 2021",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.5485.1001",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.5485.1001",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5361.1002",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "19.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
                      "versionEndExcluding": "15.0.5485.1001",
                      "versionStartIncluding": "15.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
                      "versionEndExcluding": "15.0.5485.1001",
                      "versionStartIncluding": "15.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "16.0.5361.1002",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2022-09-13T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Office Visio Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-11T16:10:43.716Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38010"
            }
          ],
          "title": "Microsoft Office Visio Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2022-38010",
        "datePublished": "2022-09-13T18:42:19.000Z",
        "dateReserved": "2022-08-08T00:00:00.000Z",
        "dateUpdated": "2025-03-11T16:10:43.716Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-27055 (GCVE-0-2021-27055)

    Vulnerability from nvd – Published: 2021-03-11 15:48 – Updated: 2024-08-03 20:40
    VLAI
    Title
    Microsoft Visio Security Feature Bypass Vulnerability
    Summary
    Microsoft Visio Security Feature Bypass Vulnerability
    CWE
    • Security Feature Bypass
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Visio 2013 Service Pack 1 Affected: 15.0.1 , < publication (custom)
        cpe:2.3:a:microsoft:visio:2013:sp1:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visio 2016 Affected: 16.0.1 , < publication (custom)
        cpe:2.3:a:microsoft:visio:2016:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visio 2010 Service Pack 2 Affected: 13.0.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visio:2010:sp2:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
        cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
        cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
    Create a notification for this product.
    Date Public
    2021-03-09 08:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T20:40:47.084Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27055"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visio:2013:sp1:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visio:2013:sp1:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visio:2016:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visio:2010:sp2:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2010 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "13.0.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Office 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "19.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
              ],
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft 365 Apps for Enterprise",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-03-09T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Visio Security Feature Bypass Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Security Feature Bypass",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-29T20:09:24.582Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27055"
            }
          ],
          "title": "Microsoft Visio Security Feature Bypass Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2021-27055",
        "datePublished": "2021-03-11T15:48:18.000Z",
        "dateReserved": "2021-02-10T00:00:00.000Z",
        "dateUpdated": "2024-08-03T20:40:47.084Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-38016 (GCVE-0-2024-38016)

    Vulnerability from cvelistv5 – Published: 2024-09-19 17:09 – Updated: 2024-12-31 23:03
    VLAI
    Title
    Microsoft Office Visio Remote Code Execution Vulnerability
    Summary
    Microsoft Office Visio Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2016 Affected: 16.0.1 , < 16.0.5465.1001 (custom)
    Create a notification for this product.
    Date Public
    2024-09-19 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-38016",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-19T17:43:02.481800Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-19T17:45:46.902Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Office LTSC 2021",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft 365 Apps for Enterprise",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "19.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Visio 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5465.1001",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "19.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "16.0.5465.1001",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2024-09-19T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Office Visio Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284: Improper Access Control",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-31T23:03:27.978Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38016"
            }
          ],
          "title": "Microsoft Office Visio Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2024-38016",
        "datePublished": "2024-09-19T17:09:59.949Z",
        "dateReserved": "2024-06-11T18:18:00.678Z",
        "dateUpdated": "2024-12-31T23:03:27.978Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-43463 (GCVE-0-2024-43463)

    Vulnerability from cvelistv5 – Published: 2024-09-10 16:53 – Updated: 2024-12-31 23:02
    VLAI
    Title
    Microsoft Office Visio Remote Code Execution Vulnerability
    Summary
    Microsoft Office Visio Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2016 Affected: 16.0.1 , < 16.0.5465.1001 (custom)
    Create a notification for this product.
    Date Public
    2024-09-10 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-43463",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T18:52:38.273331Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T18:53:41.566Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Office 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "19.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft 365 Apps for Enterprise",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office LTSC 2021",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5465.1001",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "19.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "16.0.5465.1001",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2024-09-10T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Office Visio Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416: Use After Free",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-31T23:02:56.552Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43463"
            }
          ],
          "title": "Microsoft Office Visio Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2024-43463",
        "datePublished": "2024-09-10T16:53:49.777Z",
        "dateReserved": "2024-08-14T01:08:33.516Z",
        "dateUpdated": "2024-12-31T23:02:56.552Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20673 (GCVE-0-2024-20673)

    Vulnerability from cvelistv5 – Published: 2024-02-13 18:02 – Updated: 2025-05-09 18:19
    VLAI
    Title
    Microsoft Office Remote Code Execution Vulnerability
    Summary
    Microsoft Office Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-693 - Protection Mechanism Failure
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Excel 2016 Affected: 16.0.0.0 , < 16.0.5435.1000 (custom)
    Create a notification for this product.
    Microsoft Microsoft Office 2016 Affected: 16.0.0 , < 16.0.5435.1001 (custom)
    Create a notification for this product.
    Microsoft Microsoft PowerPoint 2016 Affected: 16.0.0 , < 16.0.5435.1000 (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2016 Affected: 16.0.1 , < 16.0.5435.1000 (custom)
    Create a notification for this product.
    Microsoft Microsoft Word 2016 Affected: 16.0.1 , < 16.0.5435.1000 (custom)
    Create a notification for this product.
    Microsoft Microsoft Publisher 2016 Affected: 16.0.0 , < 16.0.5435.1000 (custom)
    Create a notification for this product.
    Microsoft Skype for Business 2016 Affected: 0 , < 16.0.5435.1000 (custom)
    Create a notification for this product.
    Date Public
    2024-02-13 08:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:59:42.338Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Office Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20673"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20673",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-16T19:36:28.789462Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-09T18:19:21.102Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Office 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "19.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office LTSC 2021",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Excel 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5435.1000",
                  "status": "affected",
                  "version": "16.0.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Office 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5435.1001",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft PowerPoint 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5435.1000",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5435.1000",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Word 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5435.1000",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Publisher 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5435.1000",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Skype for Business 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5435.1000",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "19.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:excel:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "16.0.5435.1000",
                      "versionStartIncluding": "16.0.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "16.0.5435.1001",
                      "versionStartIncluding": "16.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:powerpoint:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "16.0.5435.1000",
                      "versionStartIncluding": "16.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "16.0.5435.1000",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:word:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "16.0.5435.1000",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:publisher:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "16.0.5435.1000",
                      "versionStartIncluding": "16.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:skype_for_business:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "16.0.5435.1000",
                      "versionStartIncluding": "0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2024-02-13T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Office Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-693",
                  "description": "CWE-693: Protection Mechanism Failure",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-03T01:37:00.336Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Office Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20673"
            }
          ],
          "title": "Microsoft Office Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2024-20673",
        "datePublished": "2024-02-13T18:02:25.889Z",
        "dateReserved": "2023-11-28T22:58:12.117Z",
        "dateUpdated": "2025-05-09T18:19:21.102Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-35372 (GCVE-0-2023-35372)

    Vulnerability from cvelistv5 – Published: 2023-08-08 17:08 – Updated: 2025-02-27 21:07
    VLAI
    Title
    Microsoft Office Visio Remote Code Execution Vulnerability
    Summary
    Microsoft Office Visio Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2016 Affected: 16.0.1 , < 5439.1000 (custom)
    Create a notification for this product.
    Date Public
    2023-08-08 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:23:59.717Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35372"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-35372",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:53:41.384018Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T21:07:03.510Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office LTSC 2021",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft 365 Apps for Enterprise",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "19.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Visio 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "5439.1000",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "19.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5439.1000",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-08-08T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Office Visio Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190: Integer Overflow or Wraparound",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-01T01:59:04.579Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35372"
            }
          ],
          "title": "Microsoft Office Visio Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-35372",
        "datePublished": "2023-08-08T17:08:47.346Z",
        "dateReserved": "2023-06-14T23:09:47.636Z",
        "dateUpdated": "2025-02-27T21:07:03.510Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36866 (GCVE-0-2023-36866)

    Vulnerability from cvelistv5 – Published: 2023-08-08 17:08 – Updated: 2025-02-27 21:08
    VLAI
    Title
    Microsoft Office Visio Remote Code Execution Vulnerability
    Summary
    Microsoft Office Visio Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2016 Affected: 16.0.1 , < 5439.1000 (custom)
    Create a notification for this product.
    Date Public
    2023-08-08 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:01:09.869Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36866"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36866",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:53:53.631558Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T21:08:59.504Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Office LTSC 2021",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft 365 Apps for Enterprise",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "19.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Visio 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "5439.1000",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "19.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5439.1000",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-08-08T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Office Visio Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190: Integer Overflow or Wraparound",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-01T01:58:35.518Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36866"
            }
          ],
          "title": "Microsoft Office Visio Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36866",
        "datePublished": "2023-08-08T17:08:19.389Z",
        "dateReserved": "2023-06-27T20:26:38.144Z",
        "dateUpdated": "2025-02-27T21:08:59.504Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-21736 (GCVE-0-2023-21736)

    Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:35
    VLAI
    Title
    Microsoft Office Visio Remote Code Execution Vulnerability
    Summary
    Microsoft Office Visio Remote Code Execution Vulnerability
    CWE
    • CWE-681 - Incorrect Conversion between Numeric Types
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2013 Service Pack 1 Affected: 15.0.1 , < 15.0.5519.1000 (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2016 Affected: 16.0.1 , < 16.0.5378.1000 (custom)
    Create a notification for this product.
    Date Public
    2023-01-10 08:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:51:49.401Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21736"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Office 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "19.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft 365 Apps for Enterprise",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office LTSC 2021",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.5519.1000",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.5519.1000",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5378.1000",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "19.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
                      "versionEndExcluding": "15.0.5519.1000",
                      "versionStartIncluding": "15.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
                      "versionEndExcluding": "15.0.5519.1000",
                      "versionStartIncluding": "15.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "16.0.5378.1000",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-01-10T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Office Visio Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-681",
                  "description": "CWE-681: Incorrect Conversion between Numeric Types",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-01T00:35:53.734Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21736"
            }
          ],
          "title": "Microsoft Office Visio Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-21736",
        "datePublished": "2023-01-10T00:00:00.000Z",
        "dateReserved": "2022-12-13T00:00:00.000Z",
        "dateUpdated": "2025-01-01T00:35:53.734Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-21737 (GCVE-0-2023-21737)

    Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-02-28 21:14
    VLAI
    Title
    Microsoft Office Visio Remote Code Execution Vulnerability
    Summary
    Microsoft Office Visio Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2013 Service Pack 1 Affected: 15.0.1 , < 15.0.5519.1000 (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2016 Affected: 16.0.1 , < 16.0.5378.1000 (custom)
    Create a notification for this product.
    Date Public
    2023-01-10 08:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:51:50.151Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21737"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-21737",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-28T20:23:40.249101Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-28T21:14:56.205Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Office 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "19.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft 365 Apps for Enterprise",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office LTSC 2021",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.5519.1000",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.5519.1000",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5378.1000",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "19.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
                      "versionEndExcluding": "15.0.5519.1000",
                      "versionStartIncluding": "15.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
                      "versionEndExcluding": "15.0.5519.1000",
                      "versionStartIncluding": "15.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "16.0.5378.1000",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-01-10T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Office Visio Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122: Heap-based Buffer Overflow",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-01T00:35:54.298Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21737"
            }
          ],
          "title": "Microsoft Office Visio Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-21737",
        "datePublished": "2023-01-10T00:00:00.000Z",
        "dateReserved": "2022-12-13T00:00:00.000Z",
        "dateUpdated": "2025-02-28T21:14:56.205Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-21741 (GCVE-0-2023-21741)

    Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:35
    VLAI
    Title
    Microsoft Office Visio Information Disclosure Vulnerability
    Summary
    Microsoft Office Visio Information Disclosure Vulnerability
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2013 Service Pack 1 Affected: 15.0.1 , < 15.0.5519.1000 (custom)
    Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2016 Affected: 16.0.1 , < 16.0.5378.1000 (custom)
    Create a notification for this product.
    Date Public
    2023-01-10 08:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:51:49.374Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Office Visio Information Disclosure Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21741"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office LTSC 2021",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.5519.1000",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.5519.1000",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft 365 Apps for Enterprise",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "19.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Visio 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5378.1000",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
                      "versionEndExcluding": "15.0.5519.1000",
                      "versionStartIncluding": "15.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
                      "versionEndExcluding": "15.0.5519.1000",
                      "versionStartIncluding": "15.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "19.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "16.0.5378.1000",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-01-10T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Office Visio Information Disclosure Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125: Out-of-bounds Read",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-01T00:35:55.873Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Office Visio Information Disclosure Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21741"
            }
          ],
          "title": "Microsoft Office Visio Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-21741",
        "datePublished": "2023-01-10T00:00:00.000Z",
        "dateReserved": "2022-12-13T00:00:00.000Z",
        "dateUpdated": "2025-01-01T00:35:55.873Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-44695 (GCVE-0-2022-44695)

    Vulnerability from cvelistv5 – Published: 2022-12-13 00:00 – Updated: 2025-07-22 17:49
    VLAI
    Title
    Microsoft Office Visio Remote Code Execution Vulnerability
    Summary
    Microsoft Office Visio Remote Code Execution Vulnerability
    CWE
    • Remote Code Execution
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2013 Service Pack 1 Affected: 15.0.1 , < 5511.1000 (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2016 Affected: 16.0.1 , < 5374.1000 (custom)
    Create a notification for this product.
    Date Public
    2022-12-13 08:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T13:54:04.095Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44695"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Office 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "19.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft 365 Apps for Enterprise",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office LTSC 2021",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "5511.1000",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "5511.1000",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "5374.1000",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:office_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "19.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:office_2021:*:*:*:*:long_term_servicing_channel:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio_2013:*:sp1:*:*:*:*:*:*",
                      "versionEndExcluding": "5511.1000",
                      "versionStartIncluding": "15.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio_2013:*:sp1:*:*:*:*:*:*",
                      "versionEndExcluding": "5511.1000",
                      "versionStartIncluding": "15.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5374.1000",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2022-12-13T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Office Visio Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-22T17:49:42.789Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44695"
            }
          ],
          "title": "Microsoft Office Visio Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2022-44695",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-11-03T00:00:00.000Z",
        "dateUpdated": "2025-07-22T17:49:42.789Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-38010 (GCVE-0-2022-38010)

    Vulnerability from cvelistv5 – Published: 2022-09-13 18:42 – Updated: 2025-03-11 16:10
    VLAI
    Title
    Microsoft Office Visio Remote Code Execution Vulnerability
    Summary
    Microsoft Office Visio Remote Code Execution Vulnerability
    CWE
    • Remote Code Execution
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2013 Service Pack 1 Affected: 15.0.1 , < 15.0.5485.1001 (custom)
    Create a notification for this product.
    Microsoft Microsoft Visio 2016 Affected: 16.0.1 , < 16.0.5361.1002 (custom)
    Create a notification for this product.
    Date Public
    2022-09-13 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T10:37:42.623Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38010"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Office 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "19.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft 365 Apps for Enterprise",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft Office LTSC 2021",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.5485.1001",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "15.0.5485.1001",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "16.0.5361.1002",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "19.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
                      "versionEndExcluding": "15.0.5485.1001",
                      "versionStartIncluding": "15.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
                      "versionEndExcluding": "15.0.5485.1001",
                      "versionStartIncluding": "15.0.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "16.0.5361.1002",
                      "versionStartIncluding": "16.0.1",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2022-09-13T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Office Visio Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-11T16:10:43.716Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Office Visio Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38010"
            }
          ],
          "title": "Microsoft Office Visio Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2022-38010",
        "datePublished": "2022-09-13T18:42:19.000Z",
        "dateReserved": "2022-08-08T00:00:00.000Z",
        "dateUpdated": "2025-03-11T16:10:43.716Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-27055 (GCVE-0-2021-27055)

    Vulnerability from cvelistv5 – Published: 2021-03-11 15:48 – Updated: 2024-08-03 20:40
    VLAI
    Title
    Microsoft Visio Security Feature Bypass Vulnerability
    Summary
    Microsoft Visio Security Feature Bypass Vulnerability
    CWE
    • Security Feature Bypass
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Visio 2013 Service Pack 1 Affected: 15.0.1 , < publication (custom)
        cpe:2.3:a:microsoft:visio:2013:sp1:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visio 2016 Affected: 16.0.1 , < publication (custom)
        cpe:2.3:a:microsoft:visio:2016:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visio 2010 Service Pack 2 Affected: 13.0.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visio:2010:sp2:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
        cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
        cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
    Create a notification for this product.
    Date Public
    2021-03-09 08:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T20:40:47.084Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27055"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visio:2013:sp1:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visio:2013:sp1:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2013 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visio:2016:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visio:2010:sp2:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Visio 2010 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "13.0.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Microsoft Office 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "19.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
              ],
              "platforms": [
                "x64-based Systems",
                "32-bit Systems"
              ],
              "product": "Microsoft 365 Apps for Enterprise",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "https://aka.ms/OfficeSecurityReleases",
                  "status": "affected",
                  "version": "16.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-03-09T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Visio Security Feature Bypass Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Security Feature Bypass",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-29T20:09:24.582Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27055"
            }
          ],
          "title": "Microsoft Visio Security Feature Bypass Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2021-27055",
        "datePublished": "2021-03-11T15:48:18.000Z",
        "dateReserved": "2021-02-10T00:00:00.000Z",
        "dateUpdated": "2024-08-03T20:40:47.084Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }