⚠ Actively exploited
Added to CISA KEV on 2021-11-03. Federal agencies required to patch by 2022-05-03. Required action: Apply updates per vendor instructions..
CVE-2018-0802 — Out-of-bounds Write in Corporation Equation Editor
Severity
7.8HIGHNVD
VulnCheck8.8CISA8.8
EPSS
94.1%
top 0.10%
CISA KEV
KEV
Added 2021-11-03
Due 2022-05-03
Exploit
Exploited in wild
Active exploitation observed
Affected products
Timeline
PublishedJan 10
KEV addedNov 3
KEV dueMay 3
Latest updateFeb 10
CISA Required Action: Apply updates per vendor instructions.
Description
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages3 packages
▶CVEListV5microsoft_corporation/equation_editorMicrosoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016
Patches
🔴Vulnerability Details
3GHSA▶
GHSA-x323-9hmm-gv8q: Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulner↗2022-05-13
CVEList▶
CVE-2018-0802: Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulner↗2018-01-10
📋Vendor Advisories
2🕵️Threat Intelligence
4Fortinet▶
Deep Dive into New XWorm Campaign Utilizing Multiple-Themed Phishing Emails | FortiGuard Labs↗2026-02-10