CVE-2025-47968

EUVD-2025-17718 | HIGH
2025-06-10 [email protected]
CVSS 3.1 base score: 7.8

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Analysis Generated: Mar 14, 2026 - 19:49 (vuln.today)
EUVD ID Assigned: Mar 14, 2026 - 19:49 (euvd), EUVD-2025-17718
CVE Published: Jun 10, 2025 - 17:24 (nvd), HIGH 7.8

Description

Improper input validation in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.

Analysis

CVE-2025-47968 is an improper input validation vulnerability in Microsoft AutoUpdate (MAU) that allows a locally authenticated attacker to achieve privilege escalation on affected systems. The vulnerability has a CVSS score of 7.8 (High), indicating significant impact with confidentiality, integrity, and availability compromise. Active exploitation status and proof-of-concept availability cannot be confirmed from provided data, but the local attack vector with low complexity and low privilege requirement suggests elevated real-world risk for multi-user or shared systems.

Technical Context

Microsoft AutoUpdate (MAU) is the automatic update mechanism for Microsoft Office on macOS and Windows platforms. The vulnerability stems from CWE-20 (Improper Input Validation), a root cause where MAU fails to adequately sanitize or validate user-supplied input before processing it in a privileged context. This likely occurs in update manifest parsing, configuration file handling, or update package verification routines. The lack of input validation allows an authenticated local user to craft malicious input that bypasses security checks, leading to code execution with elevated privileges. The vulnerability affects MAU versions used across Microsoft Office suites (Word, Excel, PowerPoint, Outlook, etc.) on macOS and potentially Windows platforms.

Affected Products

Microsoft AutoUpdate (MAU) - specific versions not provided in available data. Based on the MAU distribution model, affected versions likely include:

(1) MAU 4.x and earlier versions on macOS (Office 2016, Office 2019, Microsoft 365 for Mac);
(2) AutoUpdate components in Windows Office installations.

CPE identifiers would typically include cpe:2.3:a:microsoft:autoupdate:*:*:*:*:*:macos:*:* and related Windows variants. Affected applications include the Microsoft Office suite (Word, Excel, PowerPoint, Outlook, OneNote, Teams), which relies on MAU for automatic updates. Organizations should check the Microsoft Security Update Guide and the macOS Office release notes for specific version information and the affected product list.

Remediation

Immediate remediation steps:

(1) Apply security updates from Microsoft for AutoUpdate when released; monitor the Microsoft Security Update Guide (portal.msrc.microsoft.com) for CVE-2025-47968 patches.
(2) If a patch is unavailable, restrict local system access to trusted users only and implement the principle of least privilege.
(3) Temporarily disable AutoUpdate, if available through Group Policy (Windows) or preferences (macOS), and manage updates manually until patches are available.
(4) Monitor Office 365 for automatic cloud-based remediation, if applicable.
(5) On macOS, ensure the updated version is installed through System Preferences > Microsoft AutoUpdate.
(6) Verify installation from trusted sources only.

Workarounds include restricting file system write permissions to MAU configuration directories and disabling local privilege elevation where possible through organizational policy.

Priority Score

40 (scale: Low / Medium / High / Critical)
KEV: 0
EPSS: +0.6
CVSS: +39
POC: 0


CVE-2025-47968 vulnerability details – vuln.today
