Anviz AIM CrossChex Standard 4.3 Excel Macro Injection

CSV (XLS) Injection (Excel Macro Injection or Formula Injection) exists in the AIM CrossChex version 4.3 when importing or exporting users using xls Excel file. This can be exploited to execute arbitrary commands on the affected system via SE attacks when an attacker inserts formula payload in the Name field when adding a user or using the custom fields Gender, Position, Phone, Birthday, Employ Date and Address. Upon importing, the application will launch Excel program and execute the malicious macro formula.

Link: https://packetstormsecurity.com/files/150129/ZSL-2018-5498.txt