What is CVE-2023-21737?

CVE-2023-21737 is a Microsoft Office Visio Remote Code Execution Vulnerability.

What software is affected by CVE-2023-21737?

CVE-2023-21737 affects Microsoft Office LTSC for Mac 2021, Microsoft Office 2019, Microsoft Office Long Term Servicing Channel, Microsoft Visio 2013 SP1, and Microsoft Visio 2016.

How severe is CVE-2023-21737?

CVE-2023-21737 has a severity rating of 7.8 (high).

How can I fix CVE-2023-21737?

To fix CVE-2023-21737, apply the relevant security updates provided by Microsoft for the affected software versions.

Where can I find more information about CVE-2023-21737?

More information about CVE-2023-21737 can be found at the following reference link: [link](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21737)

Vulnerability/
CVE-2023-21737

high

7.8

CWE

122

10/1/2023

2/8/2024

CVE-2023-21737: Microsoft Office Visio Remote Code Execution Vulnerability

First published: Tue Jan 10 2023(Updated: )

Microsoft Office Visio Remote Code Execution Vulnerability

Credit: secure@microsoft.com secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft 365 Apps
Microsoft Office	=2019
Microsoft Office Long Term Servicing Channel	=2021
Microsoft Visio	=2013-sp1
Microsoft Visio	=2016
Microsoft Office 2019 for 32-bit editions		fix available externally
Microsoft Office 2019 for 64-bit editions		fix available externally
Microsoft Visio 2016		fix available externally
Microsoft Visio 2016		fix available externally
Microsoft Office LTSC 2021 for 64-bit editions		fix available externally
Microsoft 365 Apps for Enterprise		fix available externally
Microsoft Visio 2013		fix available externally
Microsoft 365 Apps for Enterprise		fix available externally
Microsoft Visio 2013		fix available externally
Microsoft Office LTSC 2021 for 32-bit editions		fix available externally

Never miss a vulnerability like this again

Reference Links

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21737 (Advisory)

Frequently Asked Questions

What is CVE-2023-21737?
CVE-2023-21737 is a Microsoft Office Visio Remote Code Execution Vulnerability.
What software is affected by CVE-2023-21737?
CVE-2023-21737 affects Microsoft Office LTSC for Mac 2021, Microsoft Office 2019, Microsoft Office Long Term Servicing Channel, Microsoft Visio 2013 SP1, and Microsoft Visio 2016.
How severe is CVE-2023-21737?
CVE-2023-21737 has a severity rating of 7.8 (high).
How can I fix CVE-2023-21737?
To fix CVE-2023-21737, apply the relevant security updates provided by Microsoft for the affected software versions.
Where can I find more information about CVE-2023-21737?
More information about CVE-2023-21737 can be found at the following reference link: [link](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21737)

agent/type
agent/first-publish-date
agent/title
agent/severity
agent/references
agent/description
collector/nvd-index
agent/software-canonical-lookup-request
collector/mitre-cve
source/MITRE
collector/msrc-cve
source/Microsoft
agent/software-canonical-lookup
agent/event
agent/softwarecombine
collector/nvd-api
source/NVD
agent/weakness
agent/author
agent/last-modified-date
agent/tags
vendor/microsoft
canonical/microsoft 365 apps
canonical/microsoft office
version/microsoft office/2019
canonical/microsoft office long term servicing channel
version/microsoft office long term servicing channel/2021
canonical/microsoft visio
version/microsoft visio/2013-sp1
version/microsoft visio/2016
canonical/microsoft office 2019 for 32-bit editions
canonical/microsoft office 2019 for 64-bit editions
canonical/microsoft visio 2016
canonical/microsoft office ltsc 2021 for 64-bit editions
canonical/microsoft 365 apps for enterprise
canonical/microsoft visio 2013
canonical/microsoft office ltsc 2021 for 32-bit editions