What is CVE-2023-36413?

CVE-2023-36413 is a Microsoft Office Security Feature Bypass Vulnerability.

Which software is affected by CVE-2023-36413?

Office LTSC 2021 for 32-bit editions, Office 2016 (32-bit), 365 Apps for Enterprise, Office 2019 for 32-bit editions, Office LTSC 2021 for 64-bit editions, Office 2019 for 64-bit editions, 365 Apps for Enterprise (x86), and Office 2016 (64-bit) are affected by CVE-2023-36413.

How severe is CVE-2023-36413?

CVE-2023-36413 has a severity rating of 6.5, which is considered high.

How can I fix CVE-2023-36413?

To fix CVE-2023-36413, you should apply the relevant security updates or patches provided by Microsoft. Please refer to the Microsoft documentation for specific remedies and download links.

Where can I find more information about CVE-2023-36413?

You can find more information about CVE-2023-36413 on the Microsoft Security Response Center (MSRC) website.

Vulnerability/
CVE-2023-36413

medium

6.5

14/11/2023

22/11/2023

CVE-2023-36413: Microsoft Office Security Feature Bypass Vulnerability

First published: Tue Nov 14 2023(Updated: )

Microsoft Office Security Feature Bypass Vulnerability

Credit: secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Office 2019 for 32-bit editions		fix available externally
Microsoft Office 2016		fix available externally
Microsoft Office LTSC 2021 for 64-bit editions		fix available externally
Microsoft Office 2019 for 64-bit editions		fix available externally
Microsoft 365 Apps for Enterprise		fix available externally
Microsoft Office 2016		fix available externally
Microsoft 365 Apps for Enterprise		fix available externally
Microsoft Office LTSC 2021 for 32-bit editions		fix available externally
Microsoft 365 Apps
Microsoft Office	=2016
Microsoft Office	=2019
Microsoft Office Long Term Servicing Channel	=2021

Remedy

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36413

Never miss a vulnerability like this again

Reference Links

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36413 (Advisory)

Frequently Asked Questions

What is CVE-2023-36413?
CVE-2023-36413 is a Microsoft Office Security Feature Bypass Vulnerability.
Which software is affected by CVE-2023-36413?
Office LTSC 2021 for 32-bit editions, Office 2016 (32-bit), 365 Apps for Enterprise, Office 2019 for 32-bit editions, Office LTSC 2021 for 64-bit editions, Office 2019 for 64-bit editions, 365 Apps for Enterprise (x86), and Office 2016 (64-bit) are affected by CVE-2023-36413.
How severe is CVE-2023-36413?
CVE-2023-36413 has a severity rating of 6.5, which is considered high.
How can I fix CVE-2023-36413?
To fix CVE-2023-36413, you should apply the relevant security updates or patches provided by Microsoft. Please refer to the Microsoft documentation for specific remedies and download links.
Where can I find more information about CVE-2023-36413?
You can find more information about CVE-2023-36413 on the Microsoft Security Response Center (MSRC) website.

collector/msrc
collector/mitre-cve
agent/type
agent/first-publish-date
source/Microsoft
collector/msrc-cve
agent/last-modified-date
agent/references
agent/title
agent/remedy
agent/author
agent/severity
agent/description
agent/software-canonical-lookup
agent/event
agent/softwarecombine
agent/tags
collector/nvd-api
agent/software-canonical-lookup-request
vendor/microsoft
canonical/microsoft office 2019 for 32-bit editions
canonical/microsoft office 2016
canonical/microsoft office ltsc 2021 for 64-bit editions
canonical/microsoft office 2019 for 64-bit editions
canonical/microsoft 365 apps for enterprise
canonical/microsoft office ltsc 2021 for 32-bit editions
canonical/microsoft 365 apps
canonical/microsoft office
version/microsoft office/2016
version/microsoft office/2019
canonical/microsoft office long term servicing channel
version/microsoft office long term servicing channel/2021