#VU114038 Out-of-bounds read in Microsoft products - CVE-2025-53736
Published: August 13, 2025
Vulnerability identifier: #VU114038
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-53736
CWE-ID: CWE-125
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Microsoft SharePoint Server
Microsoft Office
Microsoft Word
Microsoft 365 Apps for Enterprise
Microsoft Office LTSC
Microsoft SharePoint Server
Microsoft Office
Microsoft Word
Microsoft 365 Apps for Enterprise
Microsoft Office LTSC
Software vendor:
Microsoft
Microsoft
Description
The vulnerability allows a local attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in Microsoft Word. A local attacker can trigger an out-of-bounds read error and read contents of memory on the system.
Remediation
Install updates from vendor's website.