CVE-2025-32704
published 2025-05-13CVE-2025-32704: Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | excel | — | — |
| microsoft | microsoft_365_apps_for_enterprise | >= 16.0.1 < https://aka.ms/OfficeSecurityReleases | https://aka.ms/OfficeSecurityReleases |
| microsoft | microsoft_excel_2016 | >= 16.0.0.0 < 16.0.5500.1001 | 16.0.5500.1001 |
| microsoft | microsoft_office_2019 | >= 19.0.0 < https://aka.ms/OfficeSecurityReleases | https://aka.ms/OfficeSecurityReleases |
| microsoft | microsoft_office_ltsc_2021 | >= 16.0.1 < https://aka.ms/OfficeSecurityReleases | https://aka.ms/OfficeSecurityReleases |
| microsoft | microsoft_office_ltsc_2024 | >= 16.0.0 < https://aka.ms/OfficeSecurityReleases | https://aka.ms/OfficeSecurityReleases |
| microsoft | office | — | — |
| microsoft | office_long_term_servicing_channel | — | — |
| microsoft | office_long_term_servicing_channel | — | — |
| msrc | microsoft_365_apps_for_enterprise_for_32-bit_systems | — | — |
| msrc | microsoft_365_apps_for_enterprise_for_64-bit_systems | — | — |
| msrc | microsoft_excel_2016 | — | — |
| msrc | microsoft_office_2019_for_32-bit_editions | — | — |
| msrc | microsoft_office_2019_for_64-bit_editions | — | — |
| msrc | microsoft_office_ltsc_2021_for_32-bit_editions | — | — |
| msrc | microsoft_office_ltsc_2021_for_64-bit_editions | — | — |
| msrc | microsoft_office_ltsc_2024_for_32-bit_editions | — | — |
| msrc | microsoft_office_ltsc_2024_for_64-bit_editions | — | — |