CVE-2020-16928

Name of the Vulnerable Software and Affected Versions: Microsoft Office Click-to-Run (C2R) (affected versions not specified)

Description: The issue is related to errors in handling objects in memory, which can allow an attacker to elevate their privileges. To exploit this, an attacker would need to convince a user to open a specially crafted file. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited. Technical details about exploitation include that an attacker would need to convince a user to open a specially crafted file, but specific API Endpoints, Vulnerable Parameters or Variables, or Function Names are not mentioned.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.