cnvd - cnvd-2025-18826

CNVD-2025-18826

Vulnerability from cnvd - Published: 2025-08-18

Title

Microsoft Word代码执行漏洞（CNVD-2025-18826）

Description

Microsoft Word是美国微软（Microsoft）公司的一套Office套件中的文字处理软件。 Microsoft Word代码执行漏洞，该漏洞是由于数字类型之间的转换不正确造成的。攻击者可利用该漏洞在系统上执行任意代码。

Severity

高

Patch Name

Microsoft Word代码执行漏洞（CNVD-2025-18826）的补丁

Patch Description

Microsoft Word是美国微软（Microsoft）公司的一套Office套件中的文字处理软件。 Microsoft Word代码执行漏洞，该漏洞是由于数字类型之间的转换不正确造成的。攻击者可利用该漏洞在系统上执行任意代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53733

Reference

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53733

Impacted products

Name
['Microsoft Word 2016', 'Microsoft SharePoint Enterprise Server 2016 null', 'Microsoft Office 2019', 'Microsoft 365 Apps for Enterprise', 'Microsoft SharePoint Server 2019 null', 'Microsoft Office LTSC 2021', 'Microsoft Office LTSC for Mac 2021', 'Microsoft Microsoft Office LTSC 2024', 'Microsoft Office LTSC for Mac 2024']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2025-53733",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-53733"
    }
  },
  "description": "Microsoft Word\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u5957Office\u5957\u4ef6\u4e2d\u7684\u6587\u5b57\u5904\u7406\u8f6f\u4ef6\u3002\n\nMicrosoft Word\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u662f\u7531\u4e8e\u6570\u5b57\u7c7b\u578b\u4e4b\u95f4\u7684\u8f6c\u6362\u4e0d\u6b63\u786e\u9020\u6210\u7684\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53733",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-18826",
  "openTime": "2025-08-18",
  "patchDescription": "Microsoft Word\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u5957Office\u5957\u4ef6\u4e2d\u7684\u6587\u5b57\u5904\u7406\u8f6f\u4ef6\u3002\r\n\r\nMicrosoft Word\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u662f\u7531\u4e8e\u6570\u5b57\u7c7b\u578b\u4e4b\u95f4\u7684\u8f6c\u6362\u4e0d\u6b63\u786e\u9020\u6210\u7684\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Microsoft Word\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CNVD-2025-18826\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Microsoft Word 2016",
      "Microsoft SharePoint Enterprise Server 2016 null",
      "Microsoft Office 2019",
      "Microsoft 365 Apps for Enterprise",
      "Microsoft SharePoint Server 2019 null",
      "Microsoft Office LTSC 2021",
      "Microsoft Office LTSC for Mac 2021",
      "Microsoft Microsoft Office LTSC 2024",
      "Microsoft Office LTSC for Mac 2024"
    ]
  },
  "referenceLink": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53733",
  "serverity": "\u9ad8",
  "submitTime": "2025-08-15",
  "title": "Microsoft Word\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CNVD-2025-18826\uff09"
}

CVE-2025-53733 (GCVE-0-2025-53733)

Vulnerability from cvelistv5 – Published: 2025-08-12 17:10 – Updated: 2025-11-10 00:12

Summary

Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Severity ?

8.4 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

CWE

CWE-681 - Incorrect Conversion between Numeric Types

Assigner

microsoft

References

URL

Tags

https://msrc.microsoft.com/update-guide/vulnerabi…

vendor-advisory

Impacted products

Vendor

Product

Version

Microsoft

Microsoft SharePoint Enterprise Server 2016

Affected: 16.0.0 , < 16.0.5513.1002 (custom)

Microsoft	Microsoft SharePoint Server 2019	Affected: 16.0.0 , < 16.0.10417.20041 (custom)
Microsoft	Microsoft Office 2019	Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
Microsoft	Microsoft 365 Apps for Enterprise	Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
Microsoft	Microsoft Office LTSC for Mac 2021	Affected: 16.0.1 , < 16.100.25081015 (custom)
Microsoft	Microsoft Office LTSC 2021	Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
Microsoft	Microsoft Office LTSC 2024	Affected: 16.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
Microsoft	Microsoft Office LTSC for Mac 2024	Affected: 16.0.0 , < 16.100.25081015 (custom)
Microsoft	Microsoft Word 2016	Affected: 16.0.1 , < 16.0.5513.1000 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-53733",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-12T19:00:37.607706Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-12T20:37:53.353Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft SharePoint Enterprise Server 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.5513.1002",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft SharePoint Server 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.10417.20041",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "19.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft 365 Apps for Enterprise",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office LTSC for Mac 2021",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.100.25081015",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems",
            "32-bit Systems"
          ],
          "product": "Microsoft Office LTSC 2021",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office LTSC 2024",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office LTSC for Mac 2024",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.100.25081015",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Word 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.5513.1000",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:sharepoint_server_2016:*:*:*:*:enterprise:*:*:*",
                  "versionEndExcluding": "16.0.5513.1002",
                  "versionStartIncluding": "16.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:sharepoint_server_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "16.0.10417.20041",
                  "versionStartIncluding": "16.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:office_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                  "versionStartIncluding": "19.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
                  "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                  "versionStartIncluding": "16.0.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:office_macos_2021:*:*:*:*:*:long_term_servicing_channel:*:*",
                  "versionEndExcluding": "16.100.25081015",
                  "versionStartIncluding": "16.0.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:office_2021:*:*:*:*:long_term_servicing_channel:*:*:*",
                  "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                  "versionStartIncluding": "16.0.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:office_2024:*:*:*:*:long_term_servicing_channel:*:*:*",
                  "versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
                  "versionStartIncluding": "16.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:office_macos_2024:*:*:*:*:*:long_term_servicing_channel:*:*",
                  "versionEndExcluding": "16.100.25081015",
                  "versionStartIncluding": "16.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:word_2016:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "16.0.5513.1000",
                  "versionStartIncluding": "16.0.1",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2025-08-12T07:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-681",
              "description": "CWE-681: Incorrect Conversion between Numeric Types",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-10T00:12:37.045Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Microsoft Word Remote Code Execution Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53733"
        }
      ],
      "title": "Microsoft Word Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2025-53733",
    "datePublished": "2025-08-12T17:10:32.310Z",
    "dateReserved": "2025-07-09T03:10:34.739Z",
    "dateUpdated": "2025-11-10T00:12:37.045Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2025-18826

CVE-2025-53733 (GCVE-0-2025-53733)

Tags

Sightings

Nomenclature