CVE-2025-53735 — Use After Free in Microsoft 365 Apps FOR Enterprise

Severity

7.8HIGHNVD

EPSS

0.1%

top 73.85%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedAug 12

Description

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

▶CVEListV5microsoft/microsoft_excel_201616.0.0.0 — 16.0.5513.1000

▶CVEListV5microsoft/office_online_server16.0.0.0 — 16.0.10417.20034

▶CVEListV5microsoft/microsoft_office_201919.0.0 — https://aka.ms/OfficeSecurityReleases

▶CVEListV5microsoft/microsoft_office_ltsc_202116.0.1 — https://aka.ms/OfficeSecurityReleases

▶CVEListV5microsoft/microsoft_office_ltsc_202416.0.0 — https://aka.ms/OfficeSecurityReleases

GHSA

GHSA-5hch-hc3r-5hp2: Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally↗2025-08-12

▶

CVEList

Microsoft Excel Remote Code Execution Vulnerability↗2025-08-12

▶

Microsoft

Microsoft Excel Remote Code Execution Vulnerability↗2025-08-12

▶