CVE-2026-20957
Published: 13 January 2026
Summary
CVE-2026-20957 is a high-severity Heap-based Buffer Overflow (CWE-122) vulnerability in Microsoft Office Long Term Servicing Channel. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 23.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2026-20957 is an integer underflow vulnerability involving wraparound (CWE-191 and CWE-122) in Microsoft Office Excel. Published on 2026-01-13, it enables an unauthorized attacker to execute code locally and carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant impact.
A local attacker with no privileges can exploit this vulnerability through low-complexity means that require user interaction, such as convincing a user to open a specially crafted Excel file. Successful exploitation grants the attacker arbitrary code execution on the affected system, compromising confidentiality, integrity, and availability at a high level.
Mitigation details and patches are outlined in the Microsoft Security Response Center advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20957.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-2103
Vulnerability details
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Integer underflow in Excel enables client-side code execution via crafted malicious file opened by user.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
SI-2 requires timely flaw remediation, directly addressing the integer underflow vulnerability in Microsoft Office Excel by applying vendor patches.
SI-16 implements memory protections like DEP and ASLR that mitigate arbitrary code execution from integer underflow exploits in Excel.
SI-3 deploys anti-malware tools to scan and block malicious Excel files exploiting the integer underflow vulnerability.