Cyber Posture

CVE-2025-21383

High

Published: 11 February 2025

Published
11 February 2025
Modified
01 July 2025
KEV Added
Patch
CVSS Score 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0034 56.9th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-21383 is a high-severity Out-of-bounds Read (CWE-125) vulnerability in Microsoft Office Long Term Servicing Channel. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Malicious File (T1204.002); ranked in the top 43.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and CM-6 (Configuration Settings).

Threat & Defense at a Glance

What attackers do: exploitation maps to Malicious File (T1204.002) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Directly mitigates CVE-2025-21383 by requiring identification, prioritization, and timely remediation of the out-of-bounds read flaw through application of Microsoft security updates.

SI-3 Malicious Code Protection partial match
preventdetect

Deploys anti-malware scanning at system entry points to detect and block malicious Excel files exploiting the out-of-bounds read vulnerability.

CM-6 Configuration Settings partial match
prevent

Establishes and enforces secure configuration settings for Microsoft Excel, such as Protected View and disabled legacy features, to prevent exploitation upon opening malicious files.

MITRE ATT&CK Enterprise TechniquesAI

T1204.002 Malicious File Execution
An adversary may rely upon a user opening a malicious file in order to gain execution.
attack.mitre.org →
T1566.001 Spearphishing Attachment Initial Access
Adversaries may send spearphishing emails with a malicious attachment in an attempt to gain access to victim systems.
attack.mitre.org →
Why these techniques?

Vulnerability exploited by tricking user into opening malicious Excel file (T1204.002), commonly delivered via spearphishing attachment (T1566.001); out-of-bounds read enables info disclosure and high impact on client system.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Microsoft Excel Information Disclosure Vulnerability

Deeper analysisAI

CVE-2025-21383 is an information disclosure vulnerability in Microsoft Excel, stemming from CWE-125 (Out-of-bounds Read). It affects Microsoft Excel as part of the Microsoft Office suite, with a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). The vulnerability was published on 2025-02-11.

An attacker with local access can exploit this vulnerability by tricking a user into performing an action, such as opening a malicious Excel file, due to the low attack complexity and requirement for user interaction but no special privileges. Successful exploitation allows the attacker to achieve high impacts across confidentiality, integrity, and availability, potentially disclosing sensitive information, modifying data, or disrupting system resources.

The Microsoft Security Response Center advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21383 recommends applying the available security updates to mitigate the vulnerability, as detailed in the update guide.

Details

CWE(s)
CWE-125

Affected Products

microsoft
365 apps
all versions
microsoft
excel
2016
microsoft
office
2019
microsoft
office long term servicing channel
2021, 2024

CVEs Like This One

CVE-2026-20946Same product: Microsoft 365 Apps
CVE-2025-21387Same product: Microsoft 365 Apps
CVE-2026-26109Same product: Microsoft 365 Apps
CVE-2025-21394Same product: Microsoft 365 Apps
CVE-2025-21346Same product: Microsoft 365 Apps
CVE-2026-20944Same product: Microsoft 365 Apps
CVE-2025-49696Same product: Microsoft 365 Apps
CVE-2025-21390Same product: Microsoft 365 Apps
CVE-2025-21386Same product: Microsoft 365 Apps
CVE-2025-24075Same product: Microsoft 365 Apps

References