CVE-2021-38646
HIGH KEV RANSOMWAREMicrosoft Office Access Connectivity Engine - RCE
Title source: llmDescription
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Scores
CVSS v3
7.8
EPSS
0.5093
EPSS Percentile
97.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CISA KEV
2022-03-28
VulnCheck KEV
2022-03-28
InTheWild.io
2021-10-25
ENISA EUVD
EUVD-2021-25085
Ransomware Use
Confirmed
Status
published
Products (4)
microsoft/365_apps
microsoft/office
2013 sp1 (2 CPE variants)
microsoft/office
2016
microsoft/office
2019
Published
Sep 15, 2021
KEV Added
Mar 28, 2022
Tracked Since
Feb 18, 2026