Skip to main content

Microsoft CVE-2025-47162

| EUVDEUVD-2025-17768 HIGH
Heap-based Buffer Overflow (CWE-122)
2025-06-10 secure@microsoft.com
8.4
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.4 HIGH
AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

6
Analysis Updated
Apr 16, 2026 - 06:41 EUVD-patch-fix
executive_summary
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
16.98.25060824,16.0.5504.1000,16.0.18925.20000
EUVD ID Assigned
Mar 14, 2026 - 19:49 euvd
EUVD-2025-17768
Analysis Generated
Mar 14, 2026 - 19:49 vuln.today
CVE Published
Jun 10, 2025 - 17:23 nvd
HIGH 8.4

DescriptionCVE.org

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

AnalysisAI

Heap-based buffer overflow vulnerability in Microsoft Office that allows unauthenticated local attackers to execute arbitrary code with high privileges. The vulnerability affects Microsoft Office products across multiple versions and requires no user interaction or special privileges to exploit. With a CVSS score of 8.4 and local attack vector, this represents a severe local privilege escalation and code execution risk; exploitation status and real-world activity should be verified against KEV catalogs and EPSS scoring.

Technical ContextAI

This vulnerability is a CWE-122 (Heap-based Buffer Overflow), a classic memory corruption flaw where untrusted input writes beyond allocated heap memory boundaries. In Microsoft Office, the overflow likely occurs during parsing of malformed document files (e.g., .docx, .xlsx, .pptx formats) or embedded objects within Office documents. The heap corruption allows an attacker to overwrite adjacent memory structures and corrupt heap metadata, potentially enabling code execution through heap spray techniques or Return-Oriented Programming (ROP) chains. Microsoft Office processes documents in multiple libraries and parsers (including legacy COM-based handlers and modern OOXML processing), making buffer boundaries in parsing routines a critical attack surface. The local attack vector (AV:L) indicates the attacker must have local access to the system or the ability to plant a malicious Office document that a local user opens.

RemediationAI

Remediation strategy: (1) Apply Microsoft security patches immediately upon release—monitor Microsoft Security Update Guide and MSRC (Microsoft Security Response Center) for KB articles and patch bundles addressing CVE-2025-47162; (2) Prioritize patching for endpoints where Office is installed and files are frequently opened from untrusted sources; (3) Interim mitigations pending patch deployment: Disable or restrict Office macro execution and block opening of Office documents from untrusted sources via email and file-sharing policies; (4) For Office 365 / Microsoft 365 subscribers, enable automatic updates; (5) Consider disabling Office COM object instantiation if not needed; (6) Use Application Guard for Microsoft Office if available on target OS. Obtain patch KB numbers and specific version updates from Microsoft Security Advisory or MSRC portal once published.

Share

CVE-2025-47162 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy