CVE-2025-47175

| EUVD-2025-17724 HIGH
2025-06-10 [email protected]
7.8
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Analysis Generated
Mar 14, 2026 - 19:49 vuln.today
EUVD ID Assigned
Mar 14, 2026 - 19:49 euvd
EUVD-2025-17724
PoC Detected
Jul 09, 2025 - 13:27 vuln.today
Public exploit code
CVE Published
Jun 10, 2025 - 17:23 nvd
HIGH 7.8

Tags

Microsoft Denial Of Service Office Powerpoint Office Long Term Servicing Channel 365 Apps

Description

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

Analysis

Use-after-free vulnerability in Microsoft Office PowerPoint that allows an unauthenticated local attacker to execute arbitrary code with high integrity and confidentiality impact. The vulnerability requires user interaction (opening a malicious PowerPoint file) but no elevated privileges, making it accessible to standard user accounts. With a CVSS score of 7.8 and local attack vector, this represents a moderate-to-high severity risk for organizations where PowerPoint is widely deployed.

Technical Context

This vulnerability exploits a use-after-free condition (CWE-416) in PowerPoint's file parsing or object handling logic. Use-after-free flaws occur when a program references memory that has been deallocated, allowing attackers to corrupt heap structures or execute code at a freed memory location. In PowerPoint's context, this likely involves the Office Open XML (OOXML) file format parser or the presentation object model, where specially crafted .pptx or .ppt files trigger premature object destruction followed by subsequent access. The vulnerability affects Microsoft Office PowerPoint components responsible for rendering or processing presentation content, with the attack vector being local file access requiring user interaction to open a malicious presentation.

Affected Products

Microsoft Office PowerPoint - all recent versions are potentially affected based on CVE description specificity to 'Microsoft Office PowerPoint' without version limitation. Affected CPE likely includes: cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:* with PowerPoint component, potentially cpe:2.3:a:microsoft:powerpoint:*. Specific version ranges require Microsoft security advisory (MSRC) data; commonly affected versions historically include Office 2019, Office 2021, Microsoft 365 Apps (formerly Office 365 ProPlus) across all channels. Users running PowerPoint on Windows (primary attack vector) are most at risk, though Office for Mac may also be vulnerable depending on whether both platforms share the vulnerable code path.

Remediation

Apply Microsoft's official security update for CVE-2025-47175 via: (1) Windows Update/Microsoft Update for Windows-integrated Office installations, (2) Microsoft 365 automatic updates for cloud-subscribed versions, (3) Direct download from Microsoft Download Center for standalone Office versions. Immediate patch availability is typical for CVSS 7.8+ flaws. Interim mitigations pending patch deployment: (1) Disable PowerPoint file opening from untrusted sources; (2) Configure AppLocker/WDAC to restrict PowerPoint execution; (3) Use Windows Defender/Microsoft Defender for endpoint with real-time file scanning; (4) Block .pptx/.ppt files at email gateway if feasible for operations; (5) Disable macros in PowerPoint if not required. Verify patch installation via 'Help > About' in PowerPoint to confirm build number matches advisory.

Priority Score

59
Low Medium High Critical
KEV: 0
EPSS: +0.5
CVSS: +39
POC: +20

Share

CVE-2025-47175 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy