This vulnerability is within the OLE ActiveX control, and can be exploited by a remote attacker via the Microsoft Office application. To exploit this vulnerability, the attacker needs to get the user to click on a malicious link or open a malicious Office file.
RCE in Visio can be exploited when the user is logged on to an affected system and navigates to a malicious or compromised website. An attacker can host a specially crafted website, or use a compromised website, to host malicious software. When a user accesses the website, the attacker’s software on the website can exploit this RCE vulnerability in Visio to execute code on the user’s machine. This is a cross-site scripting vulnerability, and can be exploited just like any other cross-site scripting vulnerability. The user’s machine needs to have Internet access in order for the attacker’s software to be loaded onto it. For the vulnerability to be exploited, the user only needs to visit the website and click on a link or open a malicious Office file.

Description of the RCE Vulnerability

A vulnerability within the OLE ActiveX control in Microsoft Visio allows for remote code execution. This vulnerability is within a different component of Microsoft Office, so it can be exploited in different ways. One way this vulnerability can be exploited is by the user clicking on a malicious link or opening a malicious file that is saved to the user’s computer. To exploit the vulnerability, the attacker needs to have Internet access and either host a specially crafted website or use a compromised website to host malicious software. The user will need to be logged on to an affected system and navigate to the site. The user will then be vulnerable to exploitation as they visit any page on the site, even if they don't open any malicious files or click on a malicious link. This is because this cross-site scripting vulnerability can only be exploited when Internet Explorer has been tricked into visiting an affected page.
To exploit this vulnerability, an attacker would need to have Internet access and trick Internet Explorer into visiting a specially crafted page or a website that has been compromised to host malicious software. A user would then need to access one of these pages or websites while logged on to an affected system with Internet Explorer open for this RCE vulnerability to be exploited.

Timeline

Published on: 09/13/2022 19:15:00 UTC
Last modified on: 09/16/2022 18:53:00 UTC
