Use After Free Vulnerability in Microsoft Office Products
CVE-2025-24080
7.8HIGH
Key Information:
- Vendor
- Microsoft
- Status
- Vendor
- CVE Published:
- 11 March 2025
Summary
A use after free vulnerability in Microsoft Office could allow an attacker to execute unauthorized code on a user's system. Attackers may exploit this flaw to gain control over the affected machine, potentially leading to data breaches or unauthorized access to sensitive information. It is crucial for users and organizations to apply patches and updates to secure their systems against this vulnerability.
Affected Version(s)
Microsoft 365 Apps for Enterprise 32-bit Systems 16.0.1
Microsoft Office 2016 32-bit Systems 16.0.0 < 16.0.5491.1001
Microsoft Office 2019 32-bit Systems 19.0.0
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved