PT-2025-20993 · Microsoft · Office Excel

0X140Ce

Published

2025-05-13

Updated

2025-07-15

CVE-2025-30383

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Microsoft Office Excel versions prior to May 2025 updates

Description: The issue is related to a type confusion flaw in Microsoft Office Excel, allowing an unauthorized attacker to execute code locally. This enables remote attackers to execute arbitrary code and affect the system.

Recommendations: For versions prior to May 2025 updates, update to the latest version that includes the May 2025 updates to secure the environment. At the moment, there is no information about additional mitigation measures for this specific issue.

Fix

RCE

Type Confusion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-843

Related Identifiers

BDU:2025-05620

CVE-2025-30383

Affected Products

Office Excel

PT-2025-20993 · Microsoft · Office Excel

CVE-2025-30383

Weakness Enumeration

Related Identifiers

Affected Products

References · 9