Vulnerabilities > CVE-2020-1225 - Use After Free vulnerability in Microsoft 365 Apps, Excel and Office
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1226.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 8 |
Common Weakness Enumeration (CWE)
References
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1225
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1225
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1045
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1045