⚠ Actively exploited

Added to CISA KEV on 2021-11-03. Federal agencies required to patch by 2022-05-03. Required action: Apply updates per vendor instructions..

CVE-2018-0798 — Out-of-bounds Write in Corporation Equation Editor

CWE-787 — Out-of-bounds Write8 documents7 sources

Severity

8.8HIGHNVD

EPSS

94.1%

top 0.10%

CISA KEV

KEV

Added 2021-11-03

Due 2022-05-03

Exploit

Exploited in wild

Active exploitation observed

Affected products

Microsoft Corporation Equation Editor Microsoft Office Microsoft Word

Timeline

PublishedJan 10

KEV addedNov 3

KEV dueMay 3

Latest updateMay 13

CISA Required Action: Apply updates per vendor instructions.

Description

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability".

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages3 packages

▶NVDmicrosoft/office4 versions+3

▶CVEListV5microsoft_corporation/equation_editorMicrosoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016

▶NVDmicrosoft/word4 versions+3

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-4prc-qxrc-76p6: Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulne↗2022-05-13

▶

CVEList

CVE-2018-0798: Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulne↗2018-01-10

▶

VulnCheck

Microsoft Office Memory Corruption Vulnerability↗2018

▶

📋Vendor Advisories

CISA

Microsoft Office Memory Corruption Vulnerability↗2021-11-03

▶

CISA

Microsoft Office Memory Corruption Vulnerability↗2021-11-03

▶

Microsoft

Microsoft Office Memory Corruption Vulnerability↗2018-01-09

▶

🕵️Threat Intelligence

Threat Intel

SongXY

▶