CVE-2012-1854
high
Microsoft
⚠️ CISA KEV — Exploited in the Wild
CVSS v3 Base Score
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
11.5%
Exploitation probability in 30 days
Top 6% most likely to be exploited
Attack Characteristics
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Confidentiality
High
Integrity
High
Availability
High
Published: July 10, 2012 (5056 days ago)
Last Modified: April 22, 2026
Vendor: Microsoft
Source: NVD
⚠️ CISA Known Exploited Vulnerability
Added to KEV: 2026-04-13
Remediation Due: 2026-04-27 (⚠ 18d overdue)
Vulnerability Report
Generated by CyberWatcher
Description
Untrusted search path vulnerability in VBE6.dll in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Microsoft Visual Basic for Applications (VBA); and Summit Microsoft Visual Basic for Applications SDK allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .docx file, aka "Visual Basic for Applications Insecure Library Loading Vulnerability," as exploited in the wild in July 2012.
CWE
NVD-CWE-OtherAffected Products
microsoft officemicrosoft visual basic for applicationsmicrosoft visual basic for applications sdk