What is CVE-2023-35372?

CVE-2023-35372 is a Microsoft Office Visio Remote Code Execution Vulnerability.

What software is affected by CVE-2023-35372?

Microsoft Office 365 Apps for Enterprise (x86 and x86_64), Microsoft Office 2019 (32-bit and 64-bit editions), Microsoft Office LTSC 2021 (32-bit and 64-bit editions), and Microsoft Office LTSC for Mac 2021 are affected by CVE-2023-35372.

What is the severity of CVE-2023-35372?

CVE-2023-35372 has a severity rating of 7.8 (high).

How can I fix CVE-2023-35372?

You can fix CVE-2023-35372 by applying the security updates provided by Microsoft. Please refer to the Microsoft Office security updates documentation for more information.

Where can I find more information about CVE-2023-35372?

You can find more information about CVE-2023-35372 on the Microsoft Security Response Center website.

Vulnerability/
CVE-2023-35372

high

7.8

CWE

190

8/8/2023

2/8/2024

CVE-2023-35372: Microsoft Office Visio Remote Code Execution Vulnerability

First published: Tue Aug 08 2023(Updated: )

Microsoft Office Visio Remote Code Execution Vulnerability

Credit: secure@microsoft.com secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Office 2019 for 64-bit editions		fix available externally
Microsoft Office LTSC 2021 for 64-bit editions		fix available externally
Microsoft Office LTSC 2021 for 32-bit editions		fix available externally
Microsoft Office 2019 for 32-bit editions		fix available externally
Microsoft 365 Apps for Enterprise		fix available externally
Microsoft 365 Apps for Enterprise		fix available externally
Microsoft Visio 2016		fix available externally
Microsoft Visio 2016		fix available externally
Microsoft 365 Apps
Microsoft Office	=2019
Microsoft Office Long Term Servicing Channel	=2021

Remedy

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35372

Never miss a vulnerability like this again

Reference Links

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35372 (Advisory)

Frequently Asked Questions

What is CVE-2023-35372?
CVE-2023-35372 is a Microsoft Office Visio Remote Code Execution Vulnerability.
What software is affected by CVE-2023-35372?
Microsoft Office 365 Apps for Enterprise (x86 and x86_64), Microsoft Office 2019 (32-bit and 64-bit editions), Microsoft Office LTSC 2021 (32-bit and 64-bit editions), and Microsoft Office LTSC for Mac 2021 are affected by CVE-2023-35372.
What is the severity of CVE-2023-35372?
CVE-2023-35372 has a severity rating of 7.8 (high).
How can I fix CVE-2023-35372?
You can fix CVE-2023-35372 by applying the security updates provided by Microsoft. Please refer to the Microsoft Office security updates documentation for more information.
Where can I find more information about CVE-2023-35372?
You can find more information about CVE-2023-35372 on the Microsoft Security Response Center website.

collector/msrc
agent/author
agent/type
agent/first-publish-date
agent/remedy
agent/references
agent/title
agent/severity
collector/msrc-cve
source/Microsoft
agent/software-canonical-lookup
agent/description
agent/event
collector/nvd-index
agent/software-canonical-lookup-request
agent/softwarecombine
collector/mitre-cve
source/MITRE
collector/nvd-api
source/NVD
agent/last-modified-date
agent/weakness
agent/tags
vendor/microsoft
canonical/microsoft office 2019 for 64-bit editions
canonical/microsoft office ltsc 2021 for 64-bit editions
canonical/microsoft office ltsc 2021 for 32-bit editions
canonical/microsoft office 2019 for 32-bit editions
canonical/microsoft 365 apps for enterprise
canonical/microsoft visio 2016
canonical/microsoft 365 apps
canonical/microsoft office
version/microsoft office/2019
canonical/microsoft office long term servicing channel
version/microsoft office long term servicing channel/2021