CVE-2023-21823

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: March 3, 2026 4 articles

VulnLookup ↗ NVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-24

2.35%

probability

This CVE has a 2.35% probability of being exploited in the next 30 days.

0% Top 85.1th percentile of all CVEs 100%

CVSS score unavailable

Neither CIRCL nor NVD returned a CVSS score for this CVE. View on VulnerabilityLookup ↗

Description

Project Zero

Windows Graphics Component RCE

Attack Intelligence

CWE-190 · Integer Overflow CWE-682 · Incorrect Calculation

Google Project Zero

Patched

Feb. 14, 2023

Reported by

Genwei Jiang & Dhanesh Kizhakkinan of Mandiant

Root Cause Analysis

???

CISA warns of Windows and iOS bugs exploited as zero-days

BleepingComputer Feb 16, 2023

The February 2023 Patch Tuesday Security Update Review

Qualys Feb 15, 2023

Microsoft February 2023 Patch Tuesday fixes 3 exploited zero-days, 77 flaws

BleepingComputer Feb 14, 2023

Security Advisory 2023-009

CERT-EU Feb 16, 2023

Signal Intelligence

Confidenceⓘ

78%

EPSS 2.35%

Mentions 4

Last Seen Feb 16, 2023

CNA Information

Analyst Note

CVE-2023-21823 is confirmed as a high-severity remote code execution vulnerability in Microsoft Office for Android with a CVSS score of 7.8. While not yet listed in CISA KEV, the vulnerability has been documented by CERT-EU and tracked by Google Project Zero, providing credible third-party validation of the threat.

Threat Actors 1

LAPSUS

apt_group 🇬🇧 GB

Triage Info

Decided atMar 03, 2026