What is CVE-2025-21345?

A high-severity remote code execution vulnerability exists in Microsoft Office Visio. Attackers may exploit this flaw to execute arbitrary code, necessitating immediate patching by organizations.

What is the severity of CVE-2025-21345?

CVE-2025-21345 has a severity rating of HIGH with a CVSS base score of 7.8.

CVE-2025-21345 | High Vulnerability in Microsoft Office Visio

This vulnerability allows for remote code execution within Microsoft Office Visio, potentially leading to unauthorized actions within the application. With a CVSS score of 7.8, this is classified as a high-severity vulnerability that organizations must address promptly.

The risk to organizations includes the ability for attackers to execute arbitrary code on affected systems, which could compromise sensitive data, disrupt operations, and lead to further exploitation across networks. Given the local attack vector and low complexity, this vulnerability poses a significant threat.

Currently, no public exploits have been confirmed, and the vulnerability is not listed in the Known Exploited Vulnerabilities (KEV) catalog. However, the potential impact underscores the urgency for organizations to prioritize patching immediately.

Organizations should remain vigilant in monitoring for updates regarding this vulnerability and ensure that their systems are patched against it.

Vulnerability Details

The CVE-2025-21345 vulnerability is categorized as a remote code execution flaw in Microsoft Office Visio. It was published on January 14, 2025, and is classified under CWE-416. The CVSS vector string is CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating a high severity level with significant confidentiality, integrity, and availability impacts.

Technical Analysis

The root cause of this vulnerability stems from improper handling of user input, allowing local attackers to execute arbitrary code when a user interacts with the affected software. The attack complexity is rated as low, and no special privileges are required to exploit the vulnerability. User interaction is necessary, as the exploit relies on the victim to open a malicious file.

The impacts of exploitation can be severe, with high risks to confidentiality, integrity, and availability of affected systems. Organizations should assess the potential blast radius of this vulnerability within their network.

Risk & Impact Analysis

Real-world deployment risk is significant due to the high severity of this vulnerability. Organizations utilizing Microsoft Office Visio should prioritize patching to mitigate potential exploitation, especially considering the local attack vector and low complexity involved. The urgency for addressing this vulnerability is underscored by the high CVSS score.

Organizations should also consider the potential for cascading effects on interconnected systems, increasing the importance of timely remediation.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The vulnerable components include Microsoft 365 Apps and various versions of Microsoft Office, specifically the following:

• Microsoft 365 Apps (x64 and x86) • Microsoft Office 2019 (x64 and x86) • Microsoft Office Long Term Servicing Channel 2021 and 2024 (x64 and x86)

Mitigation & Remediation

Organizations should ensure that all affected systems are updated with the latest patches provided by Microsoft to remediate this vulnerability. More information can be found in the security update guides from Microsoft.

Detection Guidance

Monitor system logs for unusual activity that may indicate exploitation attempts. Behavioral anomalies, such as unexpected application crashes or unauthorized access attempts, should be investigated.

AppSecure Threat Intelligence Insight

This vulnerability represents a critical concern for organizations using Microsoft Office Visio. The potential for remote code execution highlights the need for robust security measures and proactive monitoring. Security teams should regularly assess their applications for vulnerabilities and ensure timely updates.

For further insights into vulnerability management, organizations can refer to the vulnerability management program and the importance of continuous security assessments.

Additionally, exploring penetration testing methodologies can provide organizations with tools to identify and remediate vulnerabilities effectively.

Finally, staying informed about the latest security trends through resources such as the 2025 vulnerability exposure severity trends can enhance organizational resilience.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2025-21345: High Vulnerability in Microsoft Office Visio