Microsoft Autoupdate For Mac vulnerabilities

8 known vulnerabilities affecting microsoft/microsoft_autoupdate_for_mac.

Total CVEs
8
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH8

Vulnerabilities

Page 1 of 1
CVE-2025-55317HIGHCVSS 7.8≥ 4.0.0, < 4.802025-09-09
CVE-2025-55317 [HIGH] CWE-59 CVE-2025-55317: Improper link resolution before file access ('link following') in Microsoft AutoUpdate (MAU) allows Improper link resolution before file access ('link following') in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-47968HIGHCVSS 7.8≥ 4.0.0, < 4.792025-06-10
CVE-2025-47968 [HIGH] CWE-20 CVE-2025-47968: Improper input validation in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate pri Improper input validation in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-29800HIGHCVSS 7.8≥ 4.0.0, < 4.782025-04-08
CVE-2025-29800 [HIGH] CWE-269 CVE-2025-29800: Improper privilege management in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate Improper privilege management in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-29801HIGHCVSS 7.8≥ 4.0.0, < 4.782025-04-08
CVE-2025-29801 [HIGH] CWE-276 CVE-2025-29801: Incorrect default permissions in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate Incorrect default permissions in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-24036HIGHCVSS 7.0≥ 4.0.0, < 4.78.250225272025-02-11
CVE-2025-24036 [HIGH] CWE-367 CVE-2025-24036: Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
cvelistv5nvd
CVE-2025-21360HIGHCVSS 7.8≥ 4.0.0, < 4.762025-01-14
CVE-2025-21360 [HIGH] CWE-269 CVE-2025-21360: Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
cvelistv5nvd
CVE-2024-43492HIGHCVSS 7.8fixed in 4.722024-09-10
CVE-2024-43492 [HIGH] CWE-284 CVE-2024-43492: Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
cvelistv5nvd
CVE-2020-0984HIGHCVSS 7.8vunspecified2020-04-15
CVE-2020-0984 [HIGH] CWE-20 CVE-2020-0984: An elevation of privilege vulnerability exists when the Microsoft AutoUpdate (MAU) application for M An elevation of privilege vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them, aka 'Microsoft (MAU) Office Elevation of Privilege Vulnerability'.
cvelistv5nvd