CNNVD-202509-1285 Information
CNNVD ID
CNNVD-202509-1285
Related CVE
- CNNVD Published: 2025-09-09
Description (Chinese)
Microsoft Excel是美国微软(Microsoft)公司的一款Office套件中的电子表格处理软件。 Microsoft Excel存在资源管理错误漏洞。攻击者利用该漏洞可以远程执行代码。以下产品和版本受到影响:Microsoft Office LTSC for Mac 2021,Microsoft Office LTSC 2021 for 64-bit editions,Microsoft Office LTSC 2021 for 32-bit editions,Microsoft Office LTSC 2024 for 32-bit editions,Microsoft Office LTSC 2024 for 64-bit editions,Microsoft Office LTSC for Mac 2024,Microsoft Excel 2016 (32-bit edition),Microsoft Excel 2016 (64-bit edition),Microsoft Office 2019 for 32-bit editions,Microsoft Office 2019 for 64-bit editions,Microsoft 365 Apps for Enterprise for 32-bit Systems,Microsoft 365 Apps for Enterprise for 64-bit Systems,Office Online Server。
Description (English)
Microsoft Excel is a spreadsheet processing software in an Office package of Microsoft (USA). Microsoft Excel had an error in resource management. The attackers used the loophole to implement the code remotely. The following products and versions were affected: Microsoft Office LTSC for Mac 2021, Microsoft Office LTSC 2021 for 64-bit applications, Microsoft Office LTSC 2021 for 32-bit applications, Microsoft Office LTSC 2024 for 32-bit applications, Microsoft Office LTSC 2024 for 64-bit options, Microsoft Office LTSC for Mac 2024, Microsoft Office LTSC for Mac 2024, Microsoft Excel 2016 (32-bit evaluation), Microsoft Excel 2016 (64-bit LTSC 2016 for 32-bit options), Microsoft Office for 32-bit applications, Microsoft Office 2019 for Office Office 2019 for 64-bit technologies, Microsoft Apps for Enterprise 32-bit Systems, Microsoft Apps 365 for Enterprise Services 365 for Enterprise Management,
Hazard Level
Medium
Vulnerability Type
资源管理错误
Affected Vendor
微软
Published
2025-09-09
Last Modified
2026-02-24
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54902
Patch
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54902
Share on: