CVE-2025-21381
Published: 11 February 2025
Description
Microsoft Excel Remote Code Execution Vulnerability
Security Summary
CVE-2025-21381 is a Remote Code Execution vulnerability in Microsoft Excel. Published on 2025-02-11, it carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) and is associated with CWE-822 and NVD-CWE-noinfo.
An attacker with local access can exploit the vulnerability by tricking a user into performing an action, such as opening a malicious Excel file. Attack complexity is low, user interaction is required, and no privileges are needed. Successful exploitation enables remote code execution in the context of the user, resulting in high impacts to confidentiality, integrity, and availability.
Mitigation details are available in the Microsoft Security Response Center advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21381.
Details
- CWE(s)