vulnerability

Microsoft Office: CVE-2018-8628: Microsoft PowerPoint: CVE-2018-8628

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

Dec 12, 2018

Added

Aug 13, 2020

Modified

May 29, 2026

Description

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server, Microsoft SharePoint Server.

Solution

office-click-to-run-upgrade-latest

References

CVE-2018-8628
https://attackerkb.com/topics/CVE-2018-8628
EUVD-EUVD-2018-20240
https://euvd.enisa.europa.eu/vulnerability/EUVD-2018-20240

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report