CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Mar 24, 2022
Description
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
EPSS — Exploit Probability
90.5%
Higher than 99.6% of all CVEs
Required Action
https://nvd.nist.gov/vuln/detail/CVE-2017-11826
Risk Assessment
HIGHIn CISA KEV
High EPSS
Details
- Severity
- High
- EPSS
- 90.5%
- CISA KEV
- Yes
- Ransomware
- Unknown
- Articles
- 0
Timeline
Published
Mar 3, 2022
Added to KEV
Mar 3, 2022
Remediation Due
Mar 24, 2022