CVE-2025-53733
HIGHDescription
Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Is your site exposed to CVE-2025-53733?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| microsoft | 365_apps |
| microsoft | 365_apps |
| microsoft | office |
| microsoft | office |
| microsoft | office_long_term_servicing_channel |
| microsoft | office_long_term_servicing_channel |
| microsoft | office_long_term_servicing_channel |
| microsoft | office_long_term_servicing_channel |
| microsoft | office_long_term_servicing_channel |
| microsoft | office_long_term_servicing_channel |
| microsoft | sharepoint_enterprise_server |
| microsoft | sharepoint_server |
| microsoft | word |
| microsoft | word |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-53733? +
How severe is CVE-2025-53733? +
What products are affected by CVE-2025-53733? +
How do I check if I'm vulnerable to CVE-2025-53733? +
Related Vulnerabilities
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
Microsoft ODBC Driver Remote Code Execution Vulnerability
dsp_mmap_single() validated the requested mapping by checking the sum of the user-supplied offset and length against the buffer size. This …
Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading …
Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.*Note:* This issue only affects 32-bit ARM …