CVE-2025-21402

Microsoft Office OneNote Remote Code Execution Vulnerability

CVSS 7.8 HIGH | EPSS 0.7% | CWE-641

In short

Microsoft OneNote has a vulnerability that allows attackers to execute malicious code on your computer when you open a specially crafted document. This is dangerous because it gives attackers full control over your system.

Technical detail

A CWE-641 vulnerability in OneNote allows remote code execution through crafted files that exploit improper handling of embedded objects or external references. The attack requires user interaction (opening the document) and results in code execution with the user's privileges; no authentication bypass or elevated privileges are required for the initial compromise.

Summary generated and translated by AI from the official description.
Microsoft Office OneNote Remote Code Execution Vulnerability
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RC:C
