KEVIntel
Back to KEVs
6.5
CVSS
Medium

CVE-2023-36761

PUBLISHED

Microsoft Word Information Disclosure Vulnerability

Exploited in the wild Remote Low complexity
Vendor
Microsoft
Product
Microsoft Office 2019, Microsoft 365 Apps for Enterprise, Microsoft Office LTSC 2021, Microsoft Word 2016, Microsoft Word 2013 Service Pack 1
Published
Sep 12, 2023
EPSS

Description

Microsoft Word Information Disclosure Vulnerability

cisa microsoft nessus_scanner

CVSS scores

CVSS v3.1 6.5 Medium

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

Exploitation status

Exploited in the wild

Recorded 2023-09-12 00:00:00 UTC · Source

SSVC decision points

Exploitation
active
Automatable
No
Technical impact
total

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
CISA Sep 12, 2023

Scanner integrations

Scanner Reference Detected
Nessus https://www.tenable.com/plugins/nessus/181344 Jun 02, 2025

Timeline

  • CVE ID Reserved

  • Added to KEVIntel

  • CVE Published to Public

  • Detected by Nessus