| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| CVE-2025-21395 | Microsoft Access Remote Code Execution Vulnerability | Microsoft Office | Important | 12-02-2025 |
Technical Information
“The remote attacker crafts and hosts the malicious file on the website and through social engineering, the attacker convinces the user to download and open the malicious file which leads to local attack on their system.
Patch release date: Jan 14, 2025
Further information on this vulnerability is available at : CVE-2025-21395“
Affected Software
Microsoft Office 2019 for 32-bit editions,Microsoft Office 2019 for 64-bit editions,
Microsoft 365 Apps for Enterprise for 32-bit Systems,
Microsoft 365 Apps for Enterprise for 64-bit Systems,
Microsoft Office LTSC 2021 for 64-bit editions,
Microsoft Office LTSC 2021 for 32-bit editions,
Microsoft Office LTSC 2024 for 32-bit editions,
Microsoft Office LTSC 2024 for 64-bit editions,
Microsoft Access 2016 (32-bit edition),
Microsoft Access 2016 (64-bit edition)