How severe is CVE-2024-38226?

CVE-2024-38226 has a CVSS v3 score of 7.3 (HIGH).

CVE-2024-38226

Name: publisher
Author: microsoft

7.3HIGH

Microsoft Publisher Security Feature Bypass Vulnerability

公開日: 9/10/2024更新日: 10/28/2025

CISA既知の悪用された脆弱性

Microsoft Publisher contains a protection mechanism failure vulnerability that allows attacker to bypass Office macro policies used to block untrusted or malicious files.

必要な対応:

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

期限:

2024-10-01

説明

Microsoft Publisher Security Feature Bypass Vulnerability

AI分析AIによる分析

影響を受ける製品

microsoftoffice_2019

microsoftoffice_long_term_servicing_channel

2021

microsoftoffice_long_term_servicing_channel

2021

microsoftpublisher

2016

microsoftpublisher

2016

参照

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38226
PatchVendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-38226
US Government Resource