CERTFR-2025-AVI-0404
Vulnerability from certfr_avis - Published: 2025-05-14 - Updated: 2025-05-14
De multiples vulnérabilités ont été découvertes dans Microsoft Office. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | Office | Microsoft Office LTSC 2021 pour éditions 64 bits | ||
| Microsoft | Office | Microsoft Office 2016 (édition 32 bits) versions antérieures à 16.0.5500.1000 | ||
| Microsoft | Office | Microsoft Excel 2016 (édition 64 bits) versions antérieures à 16.0.5500.1000 | ||
| Microsoft | Office | Microsoft Office LTSC 2021 pour éditions 32 bits | ||
| Microsoft | Office | Microsoft Excel 2016 (édition 32 bits) versions antérieures à 16.0.5500.1001 | ||
| Microsoft | Office | Microsoft Office 2016 (édition 64 bits) versions antérieures à 16.0.5500.1000 | ||
| Microsoft | Office | Microsoft Office LTSC pour Mac 2024 versions antérieures à 16.97.25042725 | ||
| Microsoft | Office | Microsoft Office LTSC pour Mac 2021 versions antérieures à 16.97.25042725 | ||
| Microsoft | Office | Microsoft Office 2019 pour éditions 32 bits | ||
| Microsoft | Office | Microsoft 365 Apps pour Enterprise pour systèmes 64 bits | ||
| Microsoft | Office | Microsoft Office 2019 pour éditions 64 bits | ||
| Microsoft | Office | Microsoft Office LTSC 2024 pour éditions 64 bits | ||
| Microsoft | Office | Microsoft Excel 2016 (édition 32 bits) versions antérieures à 16.0.5500.1000 | ||
| Microsoft | Office | Microsoft Excel 2016 (édition 64 bits) versions antérieures à 16.0.5500.1001 | ||
| Microsoft | Office | Microsoft Office pour Universal versions antérieures à 16.0.14326.22502 | ||
| Microsoft | Office | Microsoft Office 2016 (édition 32 bits) versions antérieures à 16.0.5500.1002 | ||
| Microsoft | Office | Office Online Server versions antérieures à 16.0.10417.20010 | ||
| Microsoft | Office | Microsoft Office 2016 (édition 64 bits) versions antérieures à 16.0.5500.1002 | ||
| Microsoft | Office | Microsoft Office pour Android versions antérieures à 16.0.18827.20000 | ||
| Microsoft | Office | Microsoft Office LTSC 2024 pour éditions 32 bits | ||
| Microsoft | Office | Microsoft 365 Apps pour Enterprise pour systèmes 32 bits |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Microsoft Office LTSC 2021 pour \u00e9ditions 64 bits",
"product": {
"name": "Office",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Office 2016 (\u00e9dition 32 bits) versions ant\u00e9rieures \u00e0 16.0.5500.1000",
"product": {
"name": "Office",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Excel 2016 (\u00e9dition 64 bits) versions ant\u00e9rieures \u00e0 16.0.5500.1000",
"product": {
"name": "Office",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Office LTSC 2021 pour \u00e9ditions 32 bits",
"product": {
"name": "Office",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Excel 2016 (\u00e9dition 32 bits) versions ant\u00e9rieures \u00e0 16.0.5500.1001",
"product": {
"name": "Office",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Office 2016 (\u00e9dition 64 bits) versions ant\u00e9rieures \u00e0 16.0.5500.1000",
"product": {
"name": "Office",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Office LTSC pour Mac 2024 versions ant\u00e9rieures \u00e0 16.97.25042725",
"product": {
"name": "Office",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Office LTSC pour Mac 2021 versions ant\u00e9rieures \u00e0 16.97.25042725",
"product": {
"name": "Office",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Office 2019 pour \u00e9ditions 32 bits",
"product": {
"name": "Office",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft 365 Apps pour Enterprise pour syst\u00e8mes 64 bits",
"product": {
"name": "Office",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Office 2019 pour \u00e9ditions 64 bits",
"product": {
"name": "Office",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Office LTSC 2024 pour \u00e9ditions 64 bits",
"product": {
"name": "Office",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Excel 2016 (\u00e9dition 32 bits) versions ant\u00e9rieures \u00e0 16.0.5500.1000",
"product": {
"name": "Office",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Excel 2016 (\u00e9dition 64 bits) versions ant\u00e9rieures \u00e0 16.0.5500.1001",
"product": {
"name": "Office",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Office pour Universal versions ant\u00e9rieures \u00e0 16.0.14326.22502",
"product": {
"name": "Office",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Office 2016 (\u00e9dition 32 bits) versions ant\u00e9rieures \u00e0 16.0.5500.1002",
"product": {
"name": "Office",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Office Online Server versions ant\u00e9rieures \u00e0 16.0.10417.20010",
"product": {
"name": "Office",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Office 2016 (\u00e9dition 64 bits) versions ant\u00e9rieures \u00e0 16.0.5500.1002",
"product": {
"name": "Office",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Office pour Android versions ant\u00e9rieures \u00e0 16.0.18827.20000",
"product": {
"name": "Office",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Office LTSC 2024 pour \u00e9ditions 32 bits",
"product": {
"name": "Office",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft 365 Apps pour Enterprise pour syst\u00e8mes 32 bits",
"product": {
"name": "Office",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-32704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32704"
},
{
"name": "CVE-2025-30377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30377"
},
{
"name": "CVE-2025-29979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29979"
},
{
"name": "CVE-2025-30381",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30381"
},
{
"name": "CVE-2025-29977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29977"
},
{
"name": "CVE-2025-30386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30386"
},
{
"name": "CVE-2025-29978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29978"
},
{
"name": "CVE-2025-30376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30376"
},
{
"name": "CVE-2025-30379",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30379"
},
{
"name": "CVE-2025-32705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32705"
},
{
"name": "CVE-2025-30375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30375"
},
{
"name": "CVE-2025-30393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30393"
},
{
"name": "CVE-2025-30388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30388"
},
{
"name": "CVE-2025-30383",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30383"
}
],
"initial_release_date": "2025-05-14T00:00:00",
"last_revision_date": "2025-05-14T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0404",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-05-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Office. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Office",
"vendor_advisories": [
{
"published_at": "2025-05-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Office CVE-2025-30375",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30375"
},
{
"published_at": "2025-05-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Office CVE-2025-30377",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30377"
},
{
"published_at": "2025-05-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Office CVE-2025-30379",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30379"
},
{
"published_at": "2025-05-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Office CVE-2025-30381",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30381"
},
{
"published_at": "2025-05-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Office CVE-2025-29979",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29979"
},
{
"published_at": "2025-05-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Office CVE-2025-30393",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30393"
},
{
"published_at": "2025-05-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Office CVE-2025-29978",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29978"
},
{
"published_at": "2025-05-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Office CVE-2025-29977",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29977"
},
{
"published_at": "2025-05-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Office CVE-2025-30383",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30383"
},
{
"published_at": "2025-05-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Office CVE-2025-32704",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32704"
},
{
"published_at": "2025-05-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Office CVE-2025-30386",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30386"
},
{
"published_at": "2025-05-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Office CVE-2025-32705",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32705"
},
{
"published_at": "2025-05-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Office CVE-2025-30388",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30388"
},
{
"published_at": "2025-05-13",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Office CVE-2025-30376",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30376"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…