CVE-2025-21346

HIGH

Microsoft Office - Security Feature Bypass

Title source: llm

Description

Microsoft Office Security Feature Bypass Vulnerability

References (1)

[Patch, Vendor Advisory] https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21346

Scores

CVSS v3 7.1

EPSS 0.0031

EPSS Percentile 53.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

Classification

CWE

CWE-693

Status published

Affected Products (10)

microsoft/365_apps

microsoft/365_apps

microsoft/office

microsoft/office

microsoft/office

microsoft/office

microsoft/office_long_term_servicing_channel

microsoft/office_long_term_servicing_channel

microsoft/office_long_term_servicing_channel

microsoft/office_long_term_servicing_channel

Timeline

Published Jan 14, 2025

Tracked Since Feb 18, 2026