CVE-2025-30379

Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:*:*
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:*:*
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:macos:*:*
cpe:2.3:a:microsoft:office_online_server:*:*:*:*:*:*:*:*

History

19 May 2025, 14:17

Type Values Removed Values Added
CPE cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x64:*
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x86:*
cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x86:*
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x64:*
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x86:*
cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*
cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*
cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*
cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:*:*
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:macos:*:*
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:*:*
cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*

19 May 2025, 13:44

Type Values Removed Values Added
First Time Microsoft
Microsoft excel
Microsoft 365 Apps
Microsoft office
Microsoft office Online Server
Microsoft office Long Term Servicing Channel
Summary
  • (es) La liberación de un puntero o referencia no válidos en Microsoft Office Excel permite que un atacante no autorizado ejecute código localmente.
CPE cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x64:*
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x86:*
cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x86:*
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x64:*
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x86:*
cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*
cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*
cpe:2.3:a:microsoft:office_online_server:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*
References () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30379 - () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30379 - Vendor Advisory

13 May 2025, 17:16

Type Values Removed Values Added
New CVE

Information

Published : 2025-05-13 17:16

Updated : 2025-05-19 14:17


NVD link : CVE-2025-30379

Mitre link : CVE-2025-30379

CVE.ORG link : CVE-2025-30379


JSON object : View

Products Affected

microsoft

  • 365_apps
  • office
  • office_long_term_servicing_channel
  • office_online_server
  • excel
CWE
CWE-763

Release of Invalid Pointer or Reference