What is CVE-2017-8631?

CVE-2017-8631 is a high-severity vulnerability in Microsoft Excel. CVSS score: 7.8/10. Published 2017-09-13.

How severe is CVE-2017-8631?

High severity. CVSS v3 base score is 7.8 out of 10.

Vulnerability in Microsoft Excel

CVE-2017-8631

A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Mi…

EPSS: 0.214 (95.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

Microsoft Excel — versions 2007, 2010, 2013
Microsoft Excel_viewer — versions 2007
Microsoft Excel_web_app — versions 2013
Microsoft Office_compatibility_pack
Microsoft Office_online_server
Microsoft Office_web_apps — versions 2013
Microsoft Corporation Office — versions Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Web App 2013 Service Pack 1, Microsoft Excel Viewer 2007 Service Pack 3, and Office Online Server

References

secure@microsoft.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
secure@microsoft.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
secure@microsoft.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2017-8631?: CVE-2017-8631 is a high-severity vulnerability in Microsoft Excel. CVSS score: 7.8/10. Published 2017-09-13.
How severe is CVE-2017-8631?: High severity. CVSS v3 base score is 7.8 out of 10.