Skip to main content

Autoupdate CVE-2025-47968

| EUVDEUVD-2025-17718 HIGH
Improper Input Validation (CWE-20)
2025-06-10 secure@microsoft.com
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

6
Analysis Updated
Apr 16, 2026 - 06:40 EUVD-patch-fix
executive_summary
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
4.79
EUVD ID Assigned
Mar 14, 2026 - 19:49 euvd
EUVD-2025-17718
Analysis Generated
Mar 14, 2026 - 19:49 vuln.today
CVE Published
Jun 10, 2025 - 17:24 nvd
HIGH 7.8

DescriptionCVE.org

Improper input validation in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.

AnalysisAI

CVE-2025-47968 is an improper input validation vulnerability in Microsoft AutoUpdate (MAU) that allows a locally authenticated attacker to achieve privilege escalation on affected systems. The vulnerability has a CVSS score of 7.8 (High), indicating significant impact with confidentiality, integrity, and availability compromise. Active exploitation status and proof-of-concept availability cannot be confirmed from provided data, but the local attack vector with low complexity and low privilege requirement suggests elevated real-world risk for multi-user or shared systems.

Technical ContextAI

Microsoft AutoUpdate (MAU) is the automatic update mechanism for Microsoft Office on macOS and Windows platforms. The vulnerability stems from CWE-20 (Improper Input Validation), a root cause where MAU fails to adequately sanitize or validate user-supplied input before processing it in a privileged context. This likely occurs in update manifest parsing, configuration file handling, or update package verification routines. The lack of input validation allows an authenticated local user to craft malicious input that bypasses security checks, leading to code execution with elevated privileges. The vulnerability affects MAU versions used across Microsoft Office suites (Word, Excel, PowerPoint, Outlook, etc.) on macOS and potentially Windows platforms.

RemediationAI

Immediate remediation steps: (1) Apply security updates from Microsoft for AutoUpdate when released - monitor Microsoft Security Update Guide (portal.msrc.microsoft.com) for CVE-2025-47968 patches; (2) If patch unavailable, restrict local system access to trusted users only, implement principle of least privilege; (3) Disable AutoUpdate temporarily if available through Group Policy (Windows) or preferences (macOS) and manage updates manually until patches available; (4) Monitor Office 365 for automatic cloud-based remediation if applicable; (5) For macOS, ensure updated version through System Preferences > Microsoft AutoUpdate; (6) Verify installation from trusted sources only. Workarounds include restricting file system write permissions to MAU configuration directories and disabling local privilege elevation where possible through organizational policy.

Share

CVE-2025-47968 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy