Use After Free Vulnerability in Microsoft Excel by Microsoft
CVE-2025-30393

7.8HIGH

Key Information:

Vendor: Microsoft
Status: Microsoft 365 Apps For Enterprise; Microsoft Office Ltsc For Mac 2021; Microsoft Office Ltsc 2021; Microsoft Office Ltsc 2024
Vendor: CVE Published:; 13 May 2025

What is CVE-2025-30393?

A vulnerability exists in Microsoft Excel that allows unauthorized code execution due to a Use After Free error. This security flaw can be exploited by an attacker to invoke arbitrary code on a targeted system where the affected software is installed, potentially leading to further system compromise. Users are advised to apply the latest security patches from Microsoft to mitigate this risk and ensure their systems are protected against potential exploitation.

Affected Version(s)

Microsoft 365 Apps for Enterprise 32-bit Systems 16.0.1

Microsoft Office LTSC 2021 x64-based Systems 16.0.1

Microsoft Office LTSC 2024 32-bit Systems 1.0.0

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2025
Vulnerability Reserved
Mar 21, 2025