Exploitation Summary
EIP tracks 1 public exploit for CVE-2023-33131. PoCs published by nu11secur1ty.
AI-analyzed exploit summary The exploit leverages a VBA macro in a Word document to execute arbitrary commands via `cmd.exe` when the document is opened in Microsoft Outlook. It fetches and executes a remote batch file, demonstrating remote code execution (RCE).
Description
Microsoft Outlook Remote Code Execution Vulnerability
Exploits (1)
exploitdb
WORKING POC
by nu11secur1ty · textremotemultiple
https://www.exploit-db.com/exploits/51574
The exploit leverages a VBA macro in a Word document to execute arbitrary commands via `cmd.exe` when the document is opened in Microsoft Outlook. It fetches and executes a remote batch file, demonstrating remote code execution (RCE).
Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:
Microsoft Outlook (Microsoft 365 MSO Version 2306 Build 16.0.16529.20100) 32-bit
No auth needed
Prerequisites:
Victim must open the malicious Word document in Outlook
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026
Full analysis →
References (2)
Core 2
Core References
Patch, Vendor Advisory vendor-advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33131
Exploit, Third Party Advisory
http://packetstormsecurity.com/files/173361/Microsoft-365-MSO-2306-Build-16.0.16529.20100-Remote-Code-Execution.html
Scores
CVSS v3
8.8
EPSS
0.0572
EPSS Percentile
92.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-94
Status
published
Products (5)
microsoft/office
2019 (2 CPE variants)
microsoft/office_long_term_servicing_channel
2021 (2 CPE variants)
microsoft/outlook
2013 sp1 (2 CPE variants)
microsoft/outlook
2016 (2 CPE variants)
microsoft/outlook_rt
2013 sp1
Published
Jun 14, 2023
Tracked Since
Feb 18, 2026