CVE-2021-42292

HIGH KEV

Microsoft Excel - Privilege Escalation

Title source: llm

Description

Microsoft Excel Security Feature Bypass Vulnerability

Exploits (1)

nomisec WRITEUP 18 stars
by corelight · poc
https://github.com/corelight/CVE-2021-42292

References (2)

Scores

CVSS v3 7.8
EPSS 0.3549
EPSS Percentile 97.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CISA KEV 2021-11-17
VulnCheck KEV 2021-11-09
InTheWild.io 2021-11-09
ENISA EUVD EUVD-2021-29267
Status published
Products (6)
microsoft/365_apps
microsoft/excel 2013 sp1 (2 CPE variants)
microsoft/office 2013 sp1 (2 CPE variants)
microsoft/office 2016
microsoft/office 2019 (2 CPE variants)
microsoft/office_long_term_servicing_channel 2021 (2 CPE variants)
Published Nov 10, 2021
KEV Added Nov 17, 2021
Tracked Since Feb 18, 2026