8.4
CVE-2025-53733
- EPSS 0.16%
- Published 12.08.2025 17:10:32
- Last modified 18.08.2025 17:00:01
- Source secure@microsoft.com
- Teams watchlist Login
- Open Login
Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Data is provided by the National Vulnerability Database (NVD)
Microsoft ≫ Office Long Term Servicing Channel Version2021 SwPlatform- HwPlatformx64
Microsoft ≫ Office Long Term Servicing Channel Version2021 SwPlatform- HwPlatformx86
Microsoft ≫ Office Long Term Servicing Channel Version2021 SwPlatformmacos
Microsoft ≫ Office Long Term Servicing Channel Version2024 SwPlatform- HwPlatformx64
Microsoft ≫ Office Long Term Servicing Channel Version2024 SwPlatform- HwPlatformx86
Microsoft ≫ Office Long Term Servicing Channel Version2024 SwPlatformmacos
Microsoft ≫ Sharepoint Enterprise Server Version2016
Microsoft ≫ Sharepoint Server Version2019
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.373 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| secure@microsoft.com | 8.4 | 2.5 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-681 Incorrect Conversion between Numeric Types
When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.