CVE-2025-55243

Published: Sep 9, 2025Modified: Oct 2, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: secure@microsoft.com (Secondary)

Description

Exposure of sensitive information to an unauthorized actor in Microsoft Office Plus allows an unauthorized attacker to perform spoofing over a network.

Affected (1)

Products: Microsoft: Officeplus

Microsoft

1 product

Officeplus

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Microsoft Officeplus	Before 3.10.0.26585

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (1)

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55243

Source: secure@microsoft.com

Vendor Advisory

Timeline

No history available yet.