According to the CVSS metric, the attack vector is local (AV:L), privileges are required (PR:L) and user interaction is required (UI:R). How could an attacker exploit this security feature bypass vulnerability? The attack itself is carried out locally by a user with authentication to the targeted system. An authenticated attacker could exploit the vulnerability by convincing a victim, through social engineering, to download and open a specially crafted file from a website which could lead to a local attack on the victim computer. According to the CVSS metric, successful exploitation of this vulnerability could lead to total loss of confidentiality (C:H), integrity (I:H), and availability (A:H). What does that mean for this vulnerability? An attacker who successfully exploits this vulnerability could perform a local attack potentially enabling access to the victim user's information, the ability to alter information, or the ability to cause downtime to the target environment. What kind of security feature could be bypassed by successfully exploiting this vulnerability? An attacker who successfully exploited this vulnerability could bypass Office macro policies used to block untrusted or malicious files.
Hidetake Jo, Rick Cole, Charlie Hurel, and Matthew Mesa, Haifei Li with <a href="https://expmon.com/">EXPMON</a>