Microsoft Office Security Feature Bypass Vulnerability - Microsoft
CVE-2025-21346
7.1HIGH
Key Information:
- Vendor
- Microsoft
- Status
- Vendor
- CVE Published:
- 14 January 2025
Summary
This vulnerability allows attackers to bypass important security features in Microsoft Office applications, potentially enabling malicious actions to be performed without proper authorization. Exploiting this weakness could expose users to a range of security risks, including unauthorized access to sensitive data. It is crucial for users and organizations to stay informed about this vulnerability and implement necessary patches and updates to safeguard their systems.
Affected Version(s)
Microsoft 365 Apps for Enterprise 32-bit Systems 16.0.1
Microsoft Office 2016 32-bit Systems 16.0.0 < 16.0.5483.1001
Microsoft Office 2019 32-bit Systems 19.0.0
References
CVSS V3.1
Score:
7.1
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved