Security Feature Bypass in Microsoft Office Developer Platform
CVE-2025-49756

3.3LOW

Key Information:

Vendor: Microsoft
Status: Microsoft 365 Apps For Enterprise
Vendor: CVE Published:; 8 July 2025

What is CVE-2025-49756?

A vulnerability in the Microsoft Office Developer Platform arises from the use of a flawed or insecure cryptographic algorithm. This weakness allows an authorized attacker to circumvent crucial security features locally. It is essential for users to assess their exposure and apply relevant security measures to mitigate this risk.

Affected Version(s)

Microsoft 365 Apps for Enterprise 32-bit Systems 16.0.1

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 8, 2025
Vulnerability Reserved
Jun 9, 2025