JVN#04984838: Multiple Microsoft Office products vulnerable to untrusted search path

Overview

Multiple Microsoft Office products contain an untrusted search path vulnerability.

Products Affected

Microsoft Office Deployment Tool vertsions 1.0 to 16.0.19426.20170
Microsoft SharePoint Server Subscription Edition vertsions 16.0.0 to 16.0.19127.20442
Microsoft SharePoint Enterprise Server 2016 vertsions 16.0.0 to 16.0.5535.1001
Microsoft Office 2016 (64-bit edition) vertsions 16.0.0 to 16.0.5535.1000
Microsoft Office 2016 (32-bit edition) vertsions 16.0.0 to 16.0.5535.1000
Microsoft SharePoint Server 2019 vertsions 16.0.0 to 16.0.10417.20083

Description

Multiple Microsoft Office products contain the following vulnerability.

Untrusted search path (CWE-426, CVE-2026-20943)

Impact

Arbitrary code may be executed by a local attacker without authentication.

Solution

Update the Software
Update the software to the latest version according to the information provided by the developer.

Vendor Status

Vendor	Link
Microsoft	CVE-2026-20943 - Security Update Guide - Microsoft - Microsoft Office Click-To-Run Remote Code Execution Vulnerability

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE
JVN iPedia	JVNDB-2026-000013

JVN#04984838 Multiple Microsoft Office products vulnerable to untrusted search path