CVE-2025-29822
published 2025-04-08CVE-2025-29822: Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally.
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally.
Affected
24 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | microsoft_365_apps_for_enterprise | >= 16.0.1 < https://aka.ms/OfficeSecurityReleases | https://aka.ms/OfficeSecurityReleases |
| microsoft | microsoft_office_2019 | >= 19.0.0 < https://aka.ms/OfficeSecurityReleases | https://aka.ms/OfficeSecurityReleases |
| microsoft | microsoft_office_ltsc_2021 | >= 16.0.1 < https://aka.ms/OfficeSecurityReleases | https://aka.ms/OfficeSecurityReleases |
| microsoft | microsoft_office_ltsc_2024 | >= 16.0.0 < https://aka.ms/OfficeSecurityReleases | https://aka.ms/OfficeSecurityReleases |
| microsoft | microsoft_office_ltsc_for_mac_2021 | >= 16.0.1 < 16.96.25041326 | 16.96.25041326 |
| microsoft | microsoft_office_ltsc_for_mac_2024 | >= 16.0.0 < 16.96.25041326 | 16.96.25041326 |
| microsoft | microsoft_onenote | >= 1.0.0 < 16.96.25033028 | 16.96.25033028 |
| microsoft | microsoft_onenote_2016 | >= 16.0.0 < 16.0.5495.1001 | 16.0.5495.1001 |
| microsoft | office | — | — |
| microsoft | office_long_term_servicing_channel | — | — |
| microsoft | office_long_term_servicing_channel | — | — |
| microsoft | onenote | — | — |
| msrc | microsoft_365_apps_for_enterprise_for_32-bit_systems | — | — |
| msrc | microsoft_365_apps_for_enterprise_for_64-bit_systems | — | — |
| msrc | microsoft_office_2019_for_32-bit_editions | — | — |
| msrc | microsoft_office_2019_for_64-bit_editions | — | — |
| msrc | microsoft_office_ltsc_2021_for_32-bit_editions | — | — |
| msrc | microsoft_office_ltsc_2021_for_64-bit_editions | — | — |
| msrc | microsoft_office_ltsc_2024_for_32-bit_editions | — | — |
| msrc | microsoft_office_ltsc_2024_for_64-bit_editions | — | — |
| msrc | microsoft_office_ltsc_for_mac_2021 | — | — |
| msrc | microsoft_office_ltsc_for_mac_2024 | — | — |
| msrc | microsoft_onenote_2016 | — | — |
| msrc | microsoft_onenote_for_mac | — | — |