CVE-2025-21381

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Feb 11, 2025

Updated: Feb 19, 2025

CWE ID 822

Summary

CVE-2025-21381 is a remote code execution vulnerability affecting Microsoft Excel. Maliciously crafted Excel files can exploit this issue, allowing an attacker to execute arbitrary code on the target system. Successful exploitation of this vulnerability could lead to significant security risks, including data theft, unauthorized system access, or further malware infection. Users are strongly advised to update their Microsoft Office suite to the latest version to mitigate this risk. Alternatively, they can avoid opening untrusted Excel files to prevent potential exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3Q5xLA
https://www.cve.org/CVERecord?id=CVE-2025-21381
https://nvd.nist.gov/vuln/detail/CVE-2025-21381

Back to Vulnerability Database

CVE-2025-21381

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations