Multiple Adobe ColdFusion Vulnerabilities

April 30, 2025

Multiple GitLab Products Vulnerabilities

April 30, 2025

Multiple Microsoft Excel Vulnerabilities

April 30, 2025

Severity

High

Analysis Summary

CVE-2025-29791 CVSS:7.8

Microsoft Excel could allow a local attacker to execute arbitrary code on the system, caused by type confusion.

CVE-2025-27750 CVSS:7.8

Microsoft Excel could allow a local attacker to execute arbitrary code on the system, caused by use-after-free.

CVE-2025-27752 CVSS:7.8

Microsoft Excel could allow a local attacker to execute arbitrary code on the system, caused by heap-based buffer overflow.

Impact

Code Execution

Indicators of Compromise

CVE

CVE-2025-29791
CVE-2025-27750
CVE-2025-27752

Affected Vendors

Microsoft

Affected Products

Microsoft 365 Apps for Enterprise - 16.0.1
Microsoft Office 2019 - 19.0.0
Microsoft Office LTSC 2021 - 16.0.1
Microsoft Excel 2016 - 16.0.0.0
Microsoft Office LTSC for Mac 2021 - N/A
Microsoft Office LTSC for Mac 2024 - N/A

Remediation

Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.

CVE-2025-29791

CVE-2025-27750

CVE-2025-27752

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Patchwork APT Group – Active IOCs

VS Code in Browser Exposes Sessions

Multiple F5 BIG-IP Products Vulnerabilities

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Multiple Adobe ColdFusion Vulnerabilities

Multiple GitLab Products Vulnerabilities

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.