cbcvebase.
CVE-2023-29325
published 2023-05-09

CVE-2023-29325: Windows OLE Remote Code Execution Vulnerability Windows OLE Remote Code Execution Vulnerability

high7.5CVSS 3.1
AVNACHPRNUIRSUCHIHAH
EPSS
84.39%
99.7th percentile
Windows OLE Remote Code Execution Vulnerability Windows OLE Remote Code Execution Vulnerability

Affected

31 ranges· showing 25
VendorProductVersion rangeFixed in
microsoftwindows_10_version_1507>= 10.0.10240.0 < 10.0.10240.1992610.0.10240.19926
microsoftwindows_10_version_1607>= 10.0.14393.0 < 10.0.14393.592110.0.14393.5921
microsoftwindows_10_version_1809>= 10.0.0 < 10.0.17763.437710.0.17763.4377
microsoftwindows_10_version_1809>= 10.0.17763.0 < 10.0.17763.437710.0.17763.4377
microsoftwindows_10_version_20h2>= 10.0.0 < 10.0.19042.296510.0.19042.2965
microsoftwindows_10_version_21h2>= 10.0.19043.0 < 10.0.19044.296510.0.19044.2965
microsoftwindows_10_version_22h2>= 10.0.19045.0 < 10.0.19045.296510.0.19045.2965
microsoftwindows_11_version_21h2>= 10.0.0 < 10.0.22000.193610.0.22000.1936
microsoftwindows_11_version_22h2>= 10.0.22621.0 < 10.0.22621.170210.0.22621.1702
microsoftwindows_server_2008_r2_service_pack_1>= 6.1.7601.0 < 6.1.7601.265196.1.7601.26519
microsoftwindows_server_2008_service_pack_2>= 6.0.6003.0 < 6.0.6003.220706.0.6003.22070
microsoftwindows_server_2012>= 6.2.9200.0 < 6.2.9200.242666.2.9200.24266
microsoftwindows_server_2012_r2>= 6.3.9600.0 < 6.3.9600.209696.3.9600.20969
microsoftwindows_server_2016>= 10.0.14393.0 < 10.0.14393.592110.0.14393.5921
microsoftwindows_server_2019>= 10.0.17763.0 < 10.0.17763.437710.0.17763.4377
microsoftwindows_server_2022>= 10.0.20348.0 < 10.0.20348.172610.0.20348.1726
msrcwindows_10
msrcwindows_10_version_1607
msrcwindows_10_version_1809
msrcwindows_10_version_20h2
msrcwindows_10_version_21h2
msrcwindows_10_version_22h2
msrcwindows_11_version_21h2
msrcwindows_11_version_22h2
msrcwindows_server_2008

Detection & IOCsextracted from sources · hover to see the quote

  • The Outlook Preview Pane is a confirmed attack vector — flag/alert on RTF or specially crafted emails rendered in the Preview Pane without user opening the message.
  • Exploitation requires winning a race condition plus additional environment preparation steps — look for repeated/rapid OLE object rendering attempts or unusual pre-exploitation activity preceding Outlook crashes or code execution.
  • Check Point IPS signature available for network-level detection of CVE-2023-29325 exploitation attempts.
  • CVE-2023-29325 is publicly disclosed (not yet exploited in the wild at patch time) but rated 'Exploitation More Likely' — prioritize detection of Outlook-based OLE object handling anomalies.
  • ·Workaround: configuring Outlook to read all email in plain text format mitigates the Preview Pane attack vector, but causes loss of pictures, specialized fonts, animations, and other rich content; pictures become attachments.
  • ·The workaround applies to both the preview pane and open messages; the message remains in Rich Text or HTML format in the store, so custom code solutions (object model) may behave unexpectedly.

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
cvelistv58.1HIGH
vendor_msrc8.1HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.