Microsoft Excel Information Disclosure Vulnerability_CVE-2025-59235

7.1 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C

Basic Information

ID CVE-2025-59235

Source microsoft

Published Oct 14, 2025 at 17:00

Modified Oct 14, 2025 at 18:48

Affected Product

Vendor Microsoft

Product Office Online Server

Version 16.0.0.0

Affected Versions Microsoft Office Online Server 16.0.0.0
Microsoft Microsoft SharePoint Enterprise Server 2016 16.0.0
Microsoft Microsoft SharePoint Server 2019 16.0.0
Microsoft Microsoft Office 2019 19.0.0
Microsoft Microsoft 365 Apps for Enterprise 16.0.1
Microsoft Microsoft Office LTSC for Mac 2021 16.0.1
Microsoft Microsoft Office LTSC 2021 16.0.1
Microsoft Microsoft Office LTSC 2024 16.0.0
Microsoft Microsoft Office LTSC for Mac 2024 16.0.0
Microsoft Microsoft Excel 2016 16.0.0.0
Microsoft Microsoft Access 2016 (32-bit edition) 16.0.0
Microsoft Microsoft Access 2016 16.0.0

CWE Classification

CWE-125

References

msrc.microsoft.com /update-guide/vulnerability/CVE-2025-59235

{
    "lastseen": "",
    "description": "",
    "published": "2025-10-14T17:00:38.382Z",
    "modified": "2025-10-14T18:48:11.444Z",
    "type": "cve",
    "title": "Microsoft Excel Information Disclosure Vulnerability",
    "source": "microsoft",
    "references": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59235",
    "id": "CVE-2025-59235",
    "bulletinFamily": "",
    "cwe": [
        "CWE-125"
    ],
    "cvelist": null,
    "sourceData": "Microsoft Office Online Server 16.0.0.0\nMicrosoft Microsoft SharePoint Enterprise Server 2016 16.0.0\nMicrosoft Microsoft SharePoint Server 2019 16.0.0\nMicrosoft Microsoft Office 2019 19.0.0\nMicrosoft Microsoft 365 Apps for Enterprise 16.0.1\nMicrosoft Microsoft Office LTSC for Mac 2021 16.0.1\nMicrosoft Microsoft Office LTSC 2021 16.0.1\nMicrosoft Microsoft Office LTSC 2024 16.0.0\nMicrosoft Microsoft Office LTSC for Mac 2024 16.0.0\nMicrosoft Microsoft Excel 2016 16.0.0.0\nMicrosoft Microsoft Access 2016 (32-bit edition) 16.0.0\nMicrosoft Microsoft Access 2016 16.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 7.1,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Office Online Server",
    "version": "16.0.0.0",
    "vendor": "Microsoft",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Basic Information

Affected Product

CWE Classification

References

💭 Join the Security Discussion ❌ Cancel Reply