May 29, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple Adobe ColdFusion Vulnerabilities
April 30, 2025
Multiple GitLab Products Vulnerabilities
April 30, 2025
Multiple Adobe ColdFusion Vulnerabilities
April 30, 2025
Multiple GitLab Products Vulnerabilities
April 30, 2025
Severity
High
Analysis Summary
CVE-2025-29791 CVSS:7.8
Microsoft Excel could allow a local attacker to execute arbitrary code on the system, caused by type confusion.
CVE-2025-27750 CVSS:7.8
Microsoft Excel could allow a local attacker to execute arbitrary code on the system, caused by use-after-free.
CVE-2025-27752 CVSS:7.8
Microsoft Excel could allow a local attacker to execute arbitrary code on the system, caused by heap-based buffer overflow.
Impact
- Code Execution
Indicators of Compromise
CVE
CVE-2025-29791
CVE-2025-27750
CVE-2025-27752
Affected Vendors
- Microsoft
Affected Products
- Microsoft 365 Apps for Enterprise - 16.0.1
- Microsoft Office 2019 - 19.0.0
- Microsoft Office LTSC 2021 - 16.0.1
- Microsoft Excel 2016 - 16.0.0.0
- Microsoft Office LTSC for Mac 2021 - N/A
- Microsoft Office LTSC for Mac 2024 - N/A
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.
