CVE Daily

CVE-2025-49702

Access of resource using incompatible type ('type confusion') in Microsoft Offic...

High CVSS 7.8

Overview

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

CWE: CWE-843 Published: 2025-07-08T17:15:57.380
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 7.8 (HIGH)
  • Detected tags: unauth_access (tag impact: HIGH)

Recommended actions:

  • Enforce authentication/authorization; reduce default endpoint exposure.

Recommended tools

Tags