PT-2025-36872 · Microsoft · Office+1
Devoke
+3
·
Publicado
2025-09-09
·
Atualizado
2025-10-20
·
CVE-2025-54906
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Microsoft Office (affected versions not specified)
Description:
A free of memory issue not on the heap in Microsoft Office may allow an unauthorized attacker to execute code locally. The vulnerability allows remote attackers to execute arbitrary code and affect the system.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Use After Free
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Office
Sharepoint Server