← Back

CVE-2025-21364

nvd nist
Published: Jan 14, 2025Modified: Jul 1, 2025

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: secure@microsoft.com (Secondary)

Description

Microsoft Excel Security Feature Bypass Vulnerability

Affected (4)

Microsoft
2 products
365 Apps
Office Long Term Servicing Channel
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
Microsoft
365 Apps
All versions
365 Apps
All versions
Microsoft
Office Long Term Servicing Channel
Version 2024
Office Long Term Servicing Channel
Version 2024

Related CWEs

CWE-502
Deserialization of Untrusted Data
The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

References (1)

Source: secure@microsoft.com
PatchVendor Advisory

Timeline

No history available yet.