CVE-2019-1297

Confirmed PUBLISHED

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka...

Microsoft · Microsoft Excel, Microsoft Office, Office 365 ProPlus
Exploited in the wild

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
Confirmed
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
In CISA KEV
CVSS / EPSS
8.8 High

At a Glance

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.

cisa microsoft
CVE Published
Sep 11, 2019
Exploitation Reported
Mar 03, 2022
CVSS
8.8 High
EPSS
Remote Low complexity Unauthenticated

Affected Versions

Vendor Product Version Status
Microsoft
Microsoft Excel

2010 Service Pack 2 (32-bit editions)

Affected
Microsoft
Microsoft Excel

2010 Service Pack 2 (64-bit editions)

Affected
Microsoft
Microsoft Excel

2013 Service Pack 1 (32-bit editions)

Affected
Microsoft
Microsoft Excel

2013 Service Pack 1 (64-bit editions)

Affected
Microsoft
Microsoft Excel

2013 RT Service Pack 1

Affected
Microsoft
Microsoft Excel

2016 (32-bit edition)

Affected
Microsoft
Microsoft Excel

2016 (64-bit edition)

Affected
Microsoft
Microsoft Office

2016 for Mac

Affected
Microsoft
Microsoft Office

2019 for 32-bit editions

Affected
Microsoft
Microsoft Office

2019 for 64-bit editions

Affected
Microsoft
Microsoft Office

2019 for Mac

Affected
Microsoft
Office 365 ProPlus

32-bit Systems

Affected
Microsoft
Office 365 ProPlus

64-bit Systems

Affected

CVE References

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.