CVE-2023-21715 — Microsoft Office Publisher Security Feature Bypass Vulnerability
2023-02-14 • CISA Known Exploited Vulnerability
[event] Microsoft Office Publisher contains a security feature bypass vulnerability that allows for a local, authenticated attack on a targeted system.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Microsoft |
| Product | Office |
| CWE | CWE-863 |
| CVE ID | CVE-2023-21715 |
| Date Added | 2023-02-14 |
| Due Date | 2023-03-07 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2023-03-07