CVE-2019-1297

HIGH KEV

Microsoft Excel - Remote Code Execution

Title source: rule

Description

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.

References (2)

Scores

CVSS v3 8.8
EPSS 0.4068
EPSS Percentile 97.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CISA KEV 2022-03-03
VulnCheck KEV 2022-03-03
InTheWild.io 2020-07-15
ENISA EUVD EUVD-2019-9862
Status published
Products (6)
microsoft/excel 2010 sp2
microsoft/excel 2013 sp1 (2 CPE variants)
microsoft/excel 2016
microsoft/office 2016
microsoft/office 2019 (2 CPE variants)
microsoft/office_365_proplus
Published Sep 11, 2019
KEV Added Mar 03, 2022
Tracked Since Feb 18, 2026