CVE-2017-8570 (GCVE-0-2017-8570)

Vulnerability from cvelistv5 – Published: 2017-07-11 21:00 – Updated: 2025-10-21 23:55
VLAI CISA KEV KEVintel KEV
Summary
Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0243.
Severity
7.8 (High)
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
SSVC
Exploitation: active Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Date Public
2017-07-11 00:00
CISA KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 9a6e76e0-b2b3-46f4-a5ac-279c2c201401

Vulnerability ID: CVE-2017-8570

Status: Confirmed

Status Updated: 2022-02-25 00:00 UTC

Exploited: Yes

Timestamps
First Seen: 2022-02-25
Asserted: 2022-02-25
Scope
Notes: KEV entry: Microsoft Office Remote Code Execution Vulnerability | Affected: Microsoft / Office | Description: A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. | Required action: Apply updates per vendor instructions. | Due date: 2022-08-25 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://nvd.nist.gov/vuln/detail/CVE-2017-8570
Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details
Cwes
Feed CISA Known Exploited Vulnerabilities Catalog
Product Office
Due Date 2022-08-25
Date Added 2022-02-25
Vendorproject Microsoft
Vulnerabilityname Microsoft Office Remote Code Execution Vulnerability
Knownransomwarecampaignuse Unknown
References
Created: 2026-02-02 12:28 UTC | Updated: 2026-02-06 07:17 UTC
KEVintel KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 60fa79a1-620c-48c7-b751-f4555b734a3e

Vulnerability ID: CVE-2017-8570

Status: Confirmed

Status Updated: 2022-02-25 00:00 UTC

Exploited: Yes

Timestamps
First Seen: 2022-02-25
Asserted: 2022-02-25
Scope
Notes: KEVIntel entry: Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code... | Affected: Microsoft Corporation / Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, and Microsoft Office 2016. | CVSS: 7.8 (HIGH) | Used in malware: unknown | Not yet in CISA KEV: False
Evidence

Type: Public Report

Signal: Successful Exploitation

Confidence: 70%

Source: kevintel

Details
Feed KEVIntel (kevintel.com)
Title Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code...
Vendor Microsoft Corporation
Product Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, and Microsoft Office 2016.
Added Date 2022-02-25T00:00:00.000Z
Cvss Score 7.8
Epss Score None
Cvss Severity HIGH
Epss Percentile None
Used In Malware unknown
Ahead Of Cisa Kev None
Not Yet In Cisa Kev False
References
Created: 2026-06-19 12:47 UTC | Updated: 2026-06-19 12:47 UTC
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:41:23.725Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "99445",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99445"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/rxwx/CVE-2017-8570"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/tezukanice/Office8570"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8570"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ParsingTeam/ppsx-file-generator"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2017-8570",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-10T14:50:10.277536Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-02-25",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-8570"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:55:38.760Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-8570"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-02-25T00:00:00.000Z",
            "value": "CVE-2017-8570 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, and Microsoft Office 2016.",
          "vendor": "Microsoft Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Microsoft Office"
            }
          ]
        }
      ],
      "datePublic": "2017-07-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka \"Microsoft Office Remote Code Execution Vulnerability\". This CVE ID is unique from CVE-2017-0243."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-03-04T19:57:01.000Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "99445",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99445"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/rxwx/CVE-2017-8570"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/tezukanice/Office8570"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8570"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ParsingTeam/ppsx-file-generator"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "DATE_PUBLIC": "2017-07-11T00:00:00",
          "ID": "CVE-2017-8570",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, and Microsoft Office 2016.",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Microsoft Office"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Microsoft Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka \"Microsoft Office Remote Code Execution Vulnerability\". This CVE ID is unique from CVE-2017-0243."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Remote Code Execution"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "99445",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99445"
            },
            {
              "name": "https://github.com/rxwx/CVE-2017-8570",
              "refsource": "MISC",
              "url": "https://github.com/rxwx/CVE-2017-8570"
            },
            {
              "name": "https://github.com/tezukanice/Office8570",
              "refsource": "MISC",
              "url": "https://github.com/tezukanice/Office8570"
            },
            {
              "name": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8570",
              "refsource": "CONFIRM",
              "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8570"
            },
            {
              "name": "https://github.com/ParsingTeam/ppsx-file-generator",
              "refsource": "MISC",
              "url": "https://github.com/ParsingTeam/ppsx-file-generator"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2017-8570",
    "datePublished": "2017-07-11T21:00:00.000Z",
    "dateReserved": "2017-05-03T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:55:38.760Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2017-8570",
      "dateAdded": "2022-02-25",
      "dueDate": "2022-08-25",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2017-8570",
      "product": "Office",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory.",
      "vendorProject": "Microsoft",
      "vulnerabilityName": "Microsoft Office Remote Code Execution Vulnerability"
    },
    "epss": {
      "cve": "CVE-2017-8570",
      "date": "2026-06-19",
      "epss": "0.89889",
      "percentile": "0.99777"
    },
    "fkie_nvd": {
      "cisaActionDue": "2022-08-25",
      "cisaExploitAdd": "2022-02-25",
      "cisaRequiredAction": "Apply updates per vendor instructions.",
      "cisaVulnerabilityName": "Microsoft Office Remote Code Execution Vulnerability",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:office:2007:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"FEECD12A-5BEF-4675-B62E-86CF4A7474D7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"081DE1E3-4622-4C32-8B9C-9AEC1CD20638\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"120690A6-E0A1-4E36-A35A-C87109ECC064\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*\", \"matchCriteriaId\": \"F7DDFFB8-2337-4DD7-8120-56CC8EF134B4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0B3B0BC-C7C6-4687-AD72-DCA29FF9AE3A\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka \\\"Microsoft Office Remote Code Execution Vulnerability\\\". This CVE ID is unique from CVE-2017-0243.\"}, {\"lang\": \"es\", \"value\": \"Microsoft Office permite una vulnerabilidad de ejecuci\\u00f3n remota de c\\u00f3digo debido a la forma en la que gestiona los objetos en la memoria. Esto tambi\\u00e9n se conoce como \\\"Microsoft Office Remote Code Execution Vulnerability\\\". El ID de este CVE es diferente de CVE-2017-0243.\"}]",
      "id": "CVE-2017-8570",
      "lastModified": "2024-11-21T03:34:16.730",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2017-07-11T21:29:01.267",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/99445\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://github.com/ParsingTeam/ppsx-file-generator\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/rxwx/CVE-2017-8570\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/tezukanice/Office8570\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8570\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/99445\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://github.com/ParsingTeam/ppsx-file-generator\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/rxwx/CVE-2017-8570\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/tezukanice/Office8570\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8570\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "secure@microsoft.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-8570\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2017-07-11T21:29:01.267\",\"lastModified\":\"2026-04-22T13:48:23.890\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka \\\"Microsoft Office Remote Code Execution Vulnerability\\\". This CVE ID is unique from CVE-2017-0243.\"},{\"lang\":\"es\",\"value\":\"Microsoft Office permite una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo debido a la forma en la que gestiona los objetos en la memoria. Esto tambi\u00e9n se conoce como \\\"Microsoft Office Remote Code Execution Vulnerability\\\". El ID de este CVE es diferente de CVE-2017-0243.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"cisaExploitAdd\":\"2022-02-25\",\"cisaActionDue\":\"2022-08-25\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Microsoft Office Remote Code Execution Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:2007:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEECD12A-5BEF-4675-B62E-86CF4A7474D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"081DE1E3-4622-4C32-8B9C-9AEC1CD20638\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"120690A6-E0A1-4E36-A35A-C87109ECC064\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*\",\"matchCriteriaId\":\"F7DDFFB8-2337-4DD7-8120-56CC8EF134B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*\",\"matchCriteriaId\":\"72324216-4EB3-4243-A007-FEF3133C7DF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*\",\"matchCriteriaId\":\"0FBB0E61-7997-4F26-9C07-54912D3F1C10\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/99445\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://github.com/ParsingTeam/ppsx-file-generator\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/rxwx/CVE-2017-8570\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/tezukanice/Office8570\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8570\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/99445\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://github.com/ParsingTeam/ppsx-file-generator\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/rxwx/CVE-2017-8570\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/tezukanice/Office8570\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8570\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-8570\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.securityfocus.com/bid/99445\", \"name\": \"99445\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"https://github.com/rxwx/CVE-2017-8570\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/tezukanice/Office8570\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8570\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/ParsingTeam/ppsx-file-generator\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T16:41:23.725Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2017-8570\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-10T14:50:10.277536Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-02-25\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-8570\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-02-25T00:00:00.000Z\", \"value\": \"CVE-2017-8570 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-8570\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-10T14:48:55.380Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Microsoft Corporation\", \"product\": \"Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, and Microsoft Office 2016.\", \"versions\": [{\"status\": \"affected\", \"version\": \"Microsoft Office\"}]}], \"datePublic\": \"2017-07-11T00:00:00.000Z\", \"references\": [{\"url\": \"http://www.securityfocus.com/bid/99445\", \"name\": \"99445\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"https://github.com/rxwx/CVE-2017-8570\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/tezukanice/Office8570\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8570\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/ParsingTeam/ppsx-file-generator\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka \\\"Microsoft Office Remote Code Execution Vulnerability\\\". This CVE ID is unique from CVE-2017-0243.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Remote Code Execution\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2018-03-04T19:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"Microsoft Office\"}]}, \"product_name\": \"Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, and Microsoft Office 2016.\"}]}, \"vendor_name\": \"Microsoft Corporation\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://www.securityfocus.com/bid/99445\", \"name\": \"99445\", \"refsource\": \"BID\"}, {\"url\": \"https://github.com/rxwx/CVE-2017-8570\", \"name\": \"https://github.com/rxwx/CVE-2017-8570\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/tezukanice/Office8570\", \"name\": \"https://github.com/tezukanice/Office8570\", \"refsource\": \"MISC\"}, {\"url\": \"https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8570\", \"name\": \"https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8570\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://github.com/ParsingTeam/ppsx-file-generator\", \"name\": \"https://github.com/ParsingTeam/ppsx-file-generator\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka \\\"Microsoft Office Remote Code Execution Vulnerability\\\". This CVE ID is unique from CVE-2017-0243.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Remote Code Execution\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2017-8570\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secure@microsoft.com\", \"DATE_PUBLIC\": \"2017-07-11T00:00:00\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2017-8570\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:55:38.760Z\", \"dateReserved\": \"2017-05-03T00:00:00.000Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2017-07-11T21:00:00.000Z\", \"assignerShortName\": \"microsoft\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.