CVE-2023-33148

HIGH

Microsoft Office - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-33148. PoCs published by nu11secur1ty.

AI-analyzed exploit summary: The exploit leverages a VBA macro in a malicious Word file to execute arbitrary commands via `cmd.exe` when opened in Microsoft Office 365. It downloads and executes a remote batch file, demonstrating RCE and privilege escalation.

Description

Microsoft Office Elevation of Privilege Vulnerability

Exploits (1)

exploitdb WORKING POC
by nu11secur1ty · text · remote · multiple
https://www.exploit-db.com/exploits/51609

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Microsoft Office 365 Version 18.2305.1222.0
No auth needed
Prerequisites: Victim must open the malicious Word file · Macros must be enabled
devstral-2 · analyzed Feb 18, 2026

Scores

CVSS v3 7.8
EPSS 0.0234
EPSS Percentile 81.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-59
Status published
Products (5)
microsoft/365_apps
microsoft/office 2013
microsoft/office 2019
microsoft/office 2021 (2 CPE variants)
microsoft/office_long_term_servicing_channel 2021 (2 CPE variants)
Published Jul 11, 2023
Tracked Since Feb 18, 2026