CVE-2022-44713: Microsoft Outlook for Mac Spoofing Vulnerability

Overview

Severity

High (CVSS 7.5)

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C

Category

Spoofing

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2022-Dec

Released

2022-12-13

EPSS Score

11.18% (percentile: 93.5%)

FAQ

What is the nature of the spoofing? An attacker could appear as a trusted user when they should not be. This could cause a user to mistakenly trust a signed email message as if it came from a legitimate user.

Affected Products (2)

Microsoft Office

• Microsoft Office LTSC for Mac 2021
• Microsoft Office 2019 for Mac

Security Updates (1)

• Release Notes

Acknowledgments

<a href="https://www.linkedin.com/in/romanaz/">Roman Azarenko</a> with <a href="https://iopsys.io/">IOPSYS Software Solutions AB</a>

Revision History

• 2022-12-13: Information published.