← back
CVE-2019-0801

CVE-2019-0801

EPSS 18.5%
Vexday Risk Score
8Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 18.5%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
09 Apr 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A remote code execution vulnerability exists when Microsoft Office fails to properly handle certain files.To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted URL file that points to an Excel or PowerPoint file that was also downloaded.The update addresses the vulnerability by correcting how Office handles these files., aka 'Office Remote Code Execution Vulnerability'.