CVE Vulnerabilities

CVE-2025-32704

Buffer Over-read

Published: May 13, 2025 | Modified: May 19, 2025
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Weakness

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

Affected Software

Name Vendor Start Version End Version
365_apps Microsoft - (including) - (including)
Excel Microsoft 2016 (including) 2016 (including)
Office Microsoft 2019 (including) 2019 (including)
Office_long_term_servicing_channel Microsoft 2021 (including) 2021 (including)
Office_long_term_servicing_channel Microsoft 2024 (including) 2024 (including)

References