CVE-2024-43600

Published Dec 12, 2024

Last updated a year ago

CVSS high 7.8

Overview

Description
Microsoft Office Elevation of Privilege Vulnerability
Source
secure@microsoft.com
NVD status
Analyzed
Products
office

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

secure@microsoft.com
CWE-284
nvd@nist.gov
NVD-CWE-noinfo

Social media

Hype score
Not currently trending

  1. CVE-2024-43600 (CVSS:7.8, HIGH) is Awaiting Analysis. Microsoft Office Elevation of Privilege Vulnerability..https://t.co/Sbqb6Uak5C #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

    @cracbot

    17 Dec 2024

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2024-43600 Microsoft Office Elevation of Privilege Vulnerability https://t.co/zaE6l2H1Bp

    @CVEnew

    10 Dec 2024

    202 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. Integer overflow or wraparound in Microsoft Office allows an authorized attacker to elevate privileges locally.CVE-2026-26134
  2. Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.CVE-2026-26113
  3. Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.CVE-2026-26112
  4. Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.CVE-2026-26110
  5. Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.CVE-2026-26109

References

Sources include official advisories and independent security research.