Is CVE-2019-1331 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Excel Services On Sharepoint Server 2010 Service Pack 2

CVE-2019-1331

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1327.

EPSS: 0.383 (97.3th percentile) — read the EPSS interpretation.

Affected products

Microsoft Excel Services On Sharepoint Server 2010 Service Pack 2 — versions unspecified
Microsoft Excel — versions 2010 Service Pack 2 (32-bit editions), 2010 Service Pack 2 (64-bit editions), 2013 Service Pack 1 (32-bit editions)
Microsoft Office — versions 2010 Service Pack 2 (32-bit editions), 2010 Service Pack 2 (64-bit editions), 2013 Service Pack 1 (32-bit editions)
Microsoft Sharepoint Enterprise Server — versions 2013 Service Pack 1
Microsoft Office 365 Proplus — versions 32-bit Systems, 64-bit Systems
Microsoft Office Online Server — versions unspecified

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1331 (x_refsource_MISC)

Frequently asked questions

What is CVE-2019-1331?: CVE-2019-1331 is a vulnerability in Microsoft Excel Services On Sharepoint Server 2010 Service Pack 2. Published 2019-10-10.
Is CVE-2019-1331 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.