CVE-2023-21716

CRITICAL EXPLOITED IN THE WILD

Microsoft Word - RCE

Title source: llm

Description

Microsoft Word Remote Code Execution Vulnerability

Exploits (12)

nomisec WRITEUP 59 stars

by gyaansastra · client-side

https://github.com/gyaansastra/CVE-2023-21716

View Code ZIP pw:eip

nomisec WORKING POC 46 stars

by Xnuvers007 · client-side

https://github.com/Xnuvers007/CVE-2023-21716

View Code ZIP pw:eip

nomisec WORKING POC 9 stars

by JMousqueton · client-side

https://github.com/JMousqueton/CVE-2023-21716

View Code ZIP pw:eip

nomisec WORKING POC 6 stars

by hv0l · client-side

https://github.com/hv0l/CVE-2023-21716_exploit

View Code ZIP pw:eip

nomisec WORKING POC 5 stars

by RonF98 · client-side

https://github.com/RonF98/CVE-2023-21716-POC

View Code ZIP pw:eip

nomisec WRITEUP 4 stars

by FeatherStark · client-side

https://github.com/FeatherStark/CVE-2023-21716

View Code ZIP pw:eip

nomisec WORKING POC 3 stars

by MojithaR · poc

https://github.com/MojithaR/CVE-2023-21716-EXPLOIT.py

View Code ZIP pw:eip

nomisec 2 stars

by Lord-of-the-IoT · poc

https://github.com/Lord-of-the-IoT/CVE-2023-21716

View on nomisec

nomisec WORKING POC

by muumthf · poc

https://github.com/muumthf/CVE-2023-21716

View Code ZIP pw:eip

nomisec NO CODE

by mikesxrs · poc

https://github.com/mikesxrs/CVE-2023-21716_YARA_Results

View Code ZIP pw:eip

nomisec WORKING POC

by P4x1s · poc

https://github.com/P4x1s/CVE-2023-21716-POC

View Code ZIP pw:eip

patchapalooza WORKING POC

by maldev866 · local

https://github.com/maldev866/WordExp_CVE_2023_21716

View Code ZIP pw:eip

References (1)

[Patch, Vendor Advisory] https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21716

Scores

CVSS v3 9.8

EPSS 0.9142

EPSS Percentile 99.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2024-03-21

InTheWild.io 2023-03-27

CWE

CWE-190

Status published

Products (10)

microsoft/office 2019

microsoft/office_long_term_servicing_channel 2021

microsoft/office_online_server 2016

microsoft/office_web_apps 2013 sp1

microsoft/sharepoint_enterprise_server 2013 sp1

microsoft/sharepoint_enterprise_server 2016

microsoft/sharepoint_foundation 2013 sp1

microsoft/sharepoint_server (2 CPE variants)

microsoft/sharepoint_server 2019

microsoft/word 2013 sp1 (2 CPE variants)

Published Feb 14, 2023

Tracked Since Feb 18, 2026