CVE-2023-36761

high-risk

Published 2023-09-12

Microsoft Word Information Disclosure Vulnerability

Do I need to act?

~

7.3% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

!

CISA KEV: actively exploited in the wild

On the Known Exploited Vulnerabilities catalog — federal agencies must patch

?

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

6

CVSS 6.5/10 Medium

NETWORK / LOW complexity

Affected Products (11)

365 Apps

365 Apps

Office

Office

Office Long Term Servicing Channel

Office Long Term Servicing Channel

Word

Word

Word

Word

Word

Affected Vendors

Microsoft

References (3)

Patch https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36761

Patch https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36761

US Government Resource https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-...

57

/ 100

high-risk

Severity 24/34 · High

Exploitability 17/34 · Moderate

Exposure 16/34 · Moderate