CVE-2022-26901: Microsoft Excel Remote Code Execution Vulnerability
First published: Tue Apr 12 2022(Updated: )
Microsoft Excel Remote Code Execution Vulnerability
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Excel 2016 | ||
| Microsoft 365 Apps for Enterprise | ||
| Microsoft Office 2016 | ||
| Microsoft Office 2013 RT | ||
| Microsoft Office 2013 | ||
| Microsoft Excel 2013 | ||
| Microsoft Office 2016 | ||
| Microsoft Office Web Apps Server 2013 | ||
| Microsoft Excel 2013 | ||
| Microsoft Excel 2013 RT | ||
| Microsoft Office 2019 for Mac | ||
| Microsoft 365 Apps for Enterprise | ||
| Microsoft Office 2013 | ||
| Microsoft Office LTSC for Mac 2021 | ||
| Microsoft Office Online Server | ||
| Microsoft Office LTSC 2021 for 32-bit editions | ||
| Microsoft Excel 2016 | ||
| Microsoft Office LTSC 2021 for 64-bit editions | ||
| Microsoft 365 Apps | ||
| Microsoft Excel | =2013-sp1 | |
| Microsoft Excel | =2016 | |
| Microsoft Excel Rt | =2013-sp1 | |
| Microsoft Office | =2013-sp1 | |
| Microsoft Office | =2013_rt-sp1 | |
| Microsoft Office | =2016 | |
| Microsoft Office | =2019 | |
| Microsoft Office | =2021 | |
| Microsoft Office | =2021 | |
| Microsoft Office Online Server | ||
| Microsoft Office Web Apps Server | =2013-sp1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-26901?
CVE-2022-26901 is a Microsoft Excel Remote Code Execution Vulnerability.
Which software is affected by CVE-2022-26901?
CVE-2022-26901 affects Microsoft Office LTSC for Mac 2021, Microsoft Excel 2013 SP1, Microsoft Excel 2016, Microsoft Excel RT 2013 SP1, Microsoft Office 2013 SP1, Microsoft Office 2013 RT SP1, Microsoft Office 2016, Microsoft Office 2019, Microsoft Office 2021, Microsoft Office Online Server, Microsoft Office Web Apps Server 2013, and Microsoft 365 Apps for Enterprise.
What is the severity of CVE-2022-26901?
The severity of CVE-2022-26901 is high, with a CVSS score of 7.8.
How do I fix CVE-2022-26901?
To fix CVE-2022-26901, apply the security updates provided by Microsoft for the affected software versions.
Where can I find more information about CVE-2022-26901?
You can find more information about CVE-2022-26901 on the Microsoft Security Response Center (MSRC) website.
- agent/event
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/severity
- agent/title
- agent/references
- agent/author
- agent/softwarecombine
- agent/tags
- agent/description
- collector/mitre-cve
- source/MITRE
- collector/msrc-cve
- source/Microsoft
- agent/software-canonical-lookup
- vendor/microsoft
- canonical/microsoft 365 apps
- canonical/microsoft excel
- version/microsoft excel/2013-sp1
- version/microsoft excel/2016
- canonical/microsoft excel rt
- version/microsoft excel rt/2013-sp1
- canonical/microsoft office
- version/microsoft office/2013-sp1
- version/microsoft office/2013_rt-sp1
- version/microsoft office/2016
- version/microsoft office/2019
- version/microsoft office/2021
- canonical/microsoft office online server
- canonical/microsoft office web apps server
- version/microsoft office web apps server/2013-sp1
- canonical/microsoft office 2016
- canonical/microsoft 365 apps for enterprise
- canonical/microsoft office ltsc 2021 for 32-bit editions
- canonical/microsoft excel 2016
- canonical/microsoft office 2013
- canonical/microsoft office web apps server 2013
- canonical/microsoft excel 2013 rt
- canonical/microsoft office ltsc for mac 2021
- canonical/microsoft excel 2013
- canonical/microsoft office ltsc 2021 for 64-bit editions
- canonical/microsoft office 2013 rt
- canonical/microsoft office 2019 for mac