CVE-2018-0798
Published: 10 January 2018
Summary
CVE-2018-0798 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Microsoft Office. Its CVSS base score is 8.8 (High).
Operationally, it is ranked in the top 0.1% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 contains a memory corruption vulnerability that permits remote code execution. The flaw stems from improper handling of objects in memory and is tracked under CWE-787, with an associated CVSS 3.1 score of 8.8 reflecting network attack vector, low complexity, and no required privileges.
An unauthenticated remote attacker can exploit the issue by delivering a malicious document that triggers Equation Editor processing, resulting in arbitrary code execution with full confidentiality, integrity, and availability impact once user interaction occurs.
The Microsoft Security Response Center advisory at portal.msrc.microsoft.com and related trackers at securityfocus.com and securitytracker.com address the vulnerability, while a 0patch analysis discusses continued support options for the legacy Equation Editor component.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2018-1604
Vulnerability details
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability".
- CWE(s)
- KEV Date Added: 03 November 2021
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls (NIST 800-53 r5)
Directly implements memory protections that block exploitation of the CWE-787 object-handling corruption in Equation Editor.
Requires prompt application of Microsoft patches that eliminate the Equation Editor memory-corruption flaw before exploitation.
Enforces least functionality by disabling or removing the legacy Equation Editor component, eliminating the vulnerable attack surface.