Use After Free Vulnerability in Microsoft Office Products
CVE-2025-24080

7.8HIGH

Summary

A use after free vulnerability in Microsoft Office could allow an attacker to execute unauthorized code on a user's system. Attackers may exploit this flaw to gain control over the affected machine, potentially leading to data breaches or unauthorized access to sensitive information. It is crucial for users and organizations to apply patches and updates to secure their systems against this vulnerability.

Affected Version(s)

Microsoft 365 Apps for Enterprise 32-bit Systems 16.0.1

Microsoft Office 2016 32-bit Systems 16.0.0 < 16.0.5491.1001

Microsoft Office 2019 32-bit Systems 19.0.0

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.