216.73.217.50

CVE-2017-11882 Will Never Die

· Published 13/08/2025 10:55 · Modified 13/08/2025 14:47

Export JSON

Essential information

Published
13/08/2025 10:55
Modified
13/08/2025 14:47
Tags
2025-08-13 CVE-2017-11882 equation editor exploit keylogger microsoft office obfuscation vipkeylogger
Related entities
1 vulnerabilities (cve), 6 observables, 8 techniques (mitre), 1 malware

Description

The report discusses the persistent exploitation of , a remote code execution vulnerability affecting 's . Despite being an old vulnerability, it continues to be used by attackers to spread modern malware. The analysis focuses on a malicious Excel file that exploits this vulnerability without using VBA macros. The file contains an obfuscated payload within an embedded object, which is identified as the . Further investigation reveals that the malware downloads a , a type of and stealer, with specific configuration details provided.

External references