cve/2023/CVE-2023-33148.md

### [CVE-2023-33148](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33148)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20365%20Apps%20for%20Enterprise&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%202013%20Click-to-Run%20(C2R)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%202019&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%20LTSC%202021&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=15.0.0.0%3C%2015.0.5571.1000%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen)

### Description

Microsoft Office Elevation of Privilege Vulnerability

### POC

#### Reference
- http://packetstormsecurity.com/files/173591/Microsoft-Office-365-18.2305.1222.0-Remote-Code-Execution.html

#### Github
No PoCs found on GitHub currently.