Skip to main content
Waters Employee Login
 
Waters

Is NuGenesis affected by the CVE-2023-36884 vulnerability, or by Microsoft's recommended mitigations for that defect? - WKB266692

  1. Last updated
  2. Save as PDF
Article number: 266692

ENVIRONMENT

  • NuGenesis 9
  • NuGenesis 8

ANSWER

CVE-2023-36884 conerns a remote-code execution vulnerability in Microsoft Office applications. Per the description of this CVE as of July 2023, Office applications can start process in the system when sent carefully crafted documents from an attacker. Microsoft's recommended mitigations—in the absence of a patch—are to disallow the creation of processes by Office apps.

NuGenesis does not invoke processes via Microsoft Office; therefore, neither SDMS nor LMS are affected by CVE-2023-36884, nor by the recommended mitigations.

ADDITIONAL INFORMATION

 

id266692, NGLMS, NGLMSLIC, NGLMSOPT, SDMS, SDMS8, SDMS8NU, SUPISDMS, SUPNG

Not able to find a solution? Click here to request help.