AI description
CVE-2025-54910 is a remote code execution (RCE) vulnerability affecting Microsoft Office. It is characterized by a heap-based buffer overflow. An attacker could exploit this vulnerability by convincing a target to open a specially crafted Office document or through Microsoft Outlook's Preview Pane. Successful exploitation of CVE-2025-54910 would grant the attacker RCE privileges on the target system, allowing them to execute arbitrary code with the privileges of the compromised user. Microsoft released patches for this vulnerability as part of their September 2025 Patch Tuesday updates.
- Description
- Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- Products
- 365_apps, office, office_long_term_servicing_channel
CVSS 3.1
- Type
- Primary
- Base score
- 8.4
- Impact score
- 5.9
- Exploitability score
- 2.5
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- secure@microsoft.com
- CWE-122
- Hype score
- Not currently trending
Vulnerabilidades críticas de Microsoft Office permiten a los atacantes ejecutar código malicioso CVE-2025-54910 CVE-2025-54906 https://t.co/3tuGnirysr https://t.co/7SATMvzpQG
@elhackernet
13 Sept 2025
10971 Impressions
56 Retweets
180 Likes
56 Bookmarks
2 Replies
1 Quote
🛡️Critical Microsoft Office Vulnerabilities Tracked as CVE-2025-54910 (Critical), CVE-2025-54906 (Important) ✅Immediate Actions- Install the latest Office updates: Microsoft has released patches ✅Disable 'Preview Pane' in File Explorer: triggered by previewing malicious
@girlsboysintech
11 Sept 2025
73 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️Critical Microsoft Office Vulnerabilities Tracked as CVE-2025-54910 (Critical), CVE-2025-54906 (Important) ✅Immediate Actions- Install the latest Office updates: Microsoft has released patches ✅Disable 'Preview Pane' in File Explorer: triggered by previewing malicious
@girlsboysintech
11 Sept 2025
61 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
به تازگی ۲ آسیب پذیری با کدهای شناسایی CVE-2025-54910 و CVE-2025-54906 برای ماکروسافت آفیس منتشر شده است. این دو آسیب پذیری باعث کنترل کامل هکر به سیستم قربانی و اجرای ک
@AmirHossein_sec
11 Sept 2025
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️Critical Microsoft Office Vulnerabilities Tracked as CVE-2025-54910 (Critical), CVE-2025-54906 (Important) ✅Immediate Actions- Install the latest Office updates: Microsoft has released patches ✅Disable 'Preview Pane' in File Explorer: triggered by previewing malicious
@girlsboysintech
11 Sept 2025
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-54910 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. https://t.co/CGO6WDvXU8
@CVEnew
9 Sept 2025
174 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"
},
{
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "CD25F492-9272-4836-832C-8439EBE64CCF"
},
{
"criteria": "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "72324216-4EB3-4243-A007-FEF3133C7DF9"
},
{
"criteria": "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "0FBB0E61-7997-4F26-9C07-54912D3F1C10"
},
{
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "CF5DDD09-902E-4881-98D0-CB896333B4AA"
},
{
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "26A3B226-5D7C-4556-9350-5222DC8EFC2C"
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x64:*",
"vulnerable": true,
"matchCriteriaId": "851BAC4E-9965-4F40-9A6C-B73D9004F4C1"
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x86:*",
"vulnerable": true,
"matchCriteriaId": "23B2FA23-76F4-4D83-A718-B8D04D7EA37B"
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*",
"vulnerable": true,
"matchCriteriaId": "BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x64:*",
"vulnerable": true,
"matchCriteriaId": "D31E509A-0B2E-4B41-88C4-0099E800AFE6"
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x86:*",
"vulnerable": true,
"matchCriteriaId": "017A7041-BEF1-4E4E-AC8A-EFC6AFEB01FE"
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:macos:*:*",
"vulnerable": true,
"matchCriteriaId": "EF3E56B5-E6A6-4061-9380-D421E52B9199"
}
],
"operator": "OR"
}
]
}
]