Improper Input Validation in Microsoft Outlook by Microsoft
CVE-2025-47171

6.7MEDIUM

Key Information:

Vendor

Microsoft
Status
Microsoft Office 2019
Microsoft 365 Apps For Enterprise
Microsoft Office Ltsc 2021
Microsoft Office Ltsc 2024
Vendor
CVE Published:
10 June 2025

Badges

๐Ÿ‘พ Exploit Exists๐Ÿ“ฐ News Worthy

What is CVE-2025-47171?

A vulnerability exists in Microsoft Office Outlook due to improper input validation, allowing an attacker with valid credentials to execute arbitrary code on the affected system. This issue highlights the necessity for robust input validation mechanisms to prevent unauthorized actions and maintain system integrity. For further details and guidance, refer to Microsoft's official advisory.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Microsoft 365 Apps for Enterprise 32-bit Systems 16.0.1

Microsoft Office 2019 32-bit Systems 19.0.0

Microsoft Office LTSC 2021 x64-based Systems 16.0.1

News Articles

favicon imageMorphisec

Microsoft Patches Two New RCE Vulnerabilities: CVE-2025-47171 and CVE-2025-47176ย 

Morphisec Threat Labs discovers and details two severe Microsoft Outlook vulnerabilities: CVE-2025-47171 and CVE-2025-47176.

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

CVSS V3.1

Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • ๐Ÿ‘พ

    Exploit known to exist

  • ๐Ÿ“ฐ

    First article discovered by Morphisec

  • Vulnerability published

  • Vulnerability Reserved

JSON
.