Use After Free Vulnerability in Microsoft Office Excel by Microsoft
CVE-2025-29823

7.8HIGH

Key Information:

Vendor: Microsoft
Status: Microsoft 365 Apps For Enterprise
Vendor: CVE Published:; 8 April 2025

Summary

A use after free vulnerability in Microsoft Office Excel could allow an unauthorized attacker to execute code locally on a victim's system. This security flaw could potentially be exploited by carefully crafted files that, when opened, allow the attacker to gain control of the affected Excel application. Users are recommended to apply the latest security updates from Microsoft to protect their systems from potential intrusions.

Affected Version(s)

Microsoft 365 Apps for Enterprise 32-bit Systems 16.0.1

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 8, 2025
Vulnerability Reserved
Mar 11, 2025