CVE-2018-0802
Published: 10 January 2018
Summary
CVE-2018-0802 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Microsoft Office. Its CVSS base score is 7.8 (High).
Operationally, it ranks in the top 0.1% of CVEs by exploit likelihood, CISA has added it to the Known Exploited Vulnerabilities catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
The vulnerability CVE-2018-0802 is a memory corruption flaw in the Equation Editor component of Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016. It arises from the way objects are handled in memory and is tracked as CWE-787, an out-of-bounds write condition. The issue is distinct from the related flaws CVE-2018-0797 and CVE-2018-0812.
An unauthenticated attacker can exploit the weakness by supplying a malicious document that triggers the flaw when opened. Exploitation requires local access and user interaction but no privileges. Successful exploitation yields arbitrary code execution with full impact on confidentiality, integrity, and availability.
Public references include security tracking entries and proof-of-concept implementations that demonstrate the memory handling issue in affected Equation Editor versions.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2018-1608
Vulnerability details
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812.
- CWE(s)
- KEV Date Added: 03 November 2021
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls (NIST 800-53 r5)
Directly requires timely patching of the Equation Editor memory corruption flaw in Office 2007-2016 to eliminate the out-of-bounds write.
Applies OS-level memory protections (ASLR, DEP, etc.) that raise the bar against successful exploitation of the CWE-787 write condition when a malicious document is opened.
Enforces least functionality by disabling or removing the vulnerable Equation Editor component so that malicious documents cannot trigger the flaw.