The Microsoft Excel Products are missing security updates.
It is, therefore, affected by multiple vulnerabilities:
– A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2020-17123, CVE-2020-17125, CVE-2020-17127, CVE-2020-17128, CVE-2020-17129)
– An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2020-17126)
– A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.
(CVE-2020-17130)Read More