PT-2025-1245 · Microsoft · 365 Apps For Enterprise+2

Boolgombear

Publicado

2025-01-14

Atualizado

2025-08-25

CVE-2025-21354

CVSS v3.1

8.4

Alta

Vetor

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Microsoft Excel (affected versions not specified)

Description The issue is related to a remote code execution problem in Microsoft Excel. It is associated with the dereferencing of an untrusted pointer in Microsoft Office and 365 Apps for Enterprise packages. Exploitation of this issue could allow an attacker to execute arbitrary code.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Untrusted Pointer Dereference

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-822

Identificadores relacionados

BDU:2025-00637

CVE-2025-21354

Produtos afetados

365 Apps For Enterprise

Office Excel

Office

PT-2025-1245 · Microsoft · 365 Apps For Enterprise+2

CVE-2025-21354

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6