7.8
CVE-2025-30379
- EPSS 0.74%
- Veröffentlicht 13.05.2025 16:58:41
- Zuletzt bearbeitet 19.05.2025 14:17:44
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Microsoft Excel Remote Code Execution Vulnerability
Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Office Long Term Servicing Channel Version2021 SwPlatform-
Microsoft ≫ Office Long Term Servicing Channel Version2021 SwPlatformmacos
Microsoft ≫ Office Long Term Servicing Channel Version2024 SwPlatform-
Microsoft ≫ Office Long Term Servicing Channel Version2024 SwPlatformmacos
Microsoft ≫ Office Online Server Version < 16.0.10417.20010
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.74% | 0.731 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secure@microsoft.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-763 Release of Invalid Pointer or Reference
The product attempts to return a memory resource to the system, but it calls the wrong release function or calls the appropriate release function incorrectly.