PULSE
LIVE19signals / 24h
FEED
ransomqilin reclama a Cafar · AR · Agriculture and Food Productionransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomakira reclama a Westcoast Communication Services · Telecommunicationransomakira reclama a Nesco Bus Maintenance · Transportation/Logisticsransomm3rx reclama a suppcentersa.com · ZA · Business Servicesransomm3rx reclama a arambol.co.uk · GB · Not Foundransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomqilin reclama a Cafar · AR · Agriculture and Food Productionransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomakira reclama a Westcoast Communication Services · Telecommunicationransomakira reclama a Nesco Bus Maintenance · Transportation/Logisticsransomm3rx reclama a suppcentersa.com · ZA · Business Servicesransomm3rx reclama a arambol.co.uk · GB · Not Foundransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcare
← All CVEs
CVE Watch

CVE-2021-38646

Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability

CVSS

No CVSS

EPSS

4.4%

p90

KEV

YES

Mar 28, 2022

Exploit Today

77

0-100

Published: · Last modified:

EPSS · 30d
4.0%EPSS · 30 days4.4%
2026-06-302026-07-17
KEV catalog record

Product

Microsoft / Office

Vulnerability

Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability

Added to KEV

Mar 28, 2022

Remediate by

Apr 18, 2022

Known ransomware use

Yes

Summary description

Microsoft Office Access Connectivity Engine contains an unspecified vulnerability which can allow for remote code execution.

Required action

Apply updates per vendor instructions.

Notes

https://nvd.nist.gov/vuln/detail/CVE-2021-38646

Related CVEs
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2017-11882
100.0%
KEV80Microsoft Office Memory Corruption Vulnerability
CVE-2023-23397
99.9%
KEV80Microsoft Office Outlook Privilege Escalation Vulnerability
CVE-2015-1641
99.9%
KEV80Microsoft Office Memory Corruption Vulnerability
CVE-2018-0798
99.9%
KEV80Microsoft Office Memory Corruption Vulnerability
CVE-2018-0802
99.8%
KEV80Microsoft Office Memory Corruption Vulnerability
CVE-2017-8570
99.8%
KEV80Microsoft Office Remote Code Execution Vulnerability