Zero-day vulnerability in Microsoft Publisher

Security features bypass

Vulnerability details

Advisory: SB2023021418 - Remote code execution in Microsoft Publisher

Vulnerable component: Microsoft Publisher

CVE-ID: CVE-2023-21715

CVSSv3 score: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C

CWE-ID: CWE-254 - Security Features


The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to unspecified error when processing files. A remote attacker can trick the victim to open a specially crafted file, bypass Office macro policies used to block untrusted or malicious files and execute arbitrary code on the system.

Note, the vulnerability is being actively exploited in the wild.

External links: