CVE Vulnerabilities

CVE-2025-21346

Protection Mechanism Failure

Published: Jan 14, 2025 | Modified: Jul 01, 2025

CVSS 3.x

7.8

HIGH

Source:

NVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS 2.x

RedHat/V2

RedHat/V3

Ubuntu

Vulnerability-free packages from our partners

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-21346
CWE	https://cwe.mitre.org/data/definitions/693.html

Microsoft Office Security Feature Bypass Vulnerability

Weakness

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

Affected Software

Name	Vendor	Start Version	End Version
365_apps	Microsoft	- (including)	- (including)
Office	Microsoft	2016 (including)	2016 (including)
Office	Microsoft	2019 (including)	2019 (including)
Office_long_term_servicing_channel	Microsoft	2021 (including)	2021 (including)
Office_long_term_servicing_channel	Microsoft	2024 (including)	2024 (including)

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21346

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.

Copyright © 2025 Aqua Security Software Ltd. Privacy Policy | Terms of Use