Microsoft Excel RCE Vulnerability
CVE-2024-49069 Published on December 12, 2024

Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability

Vendor Advisory NVD

Weakness Type

What is a Dangling pointer Vulnerability?

Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

CVE-2024-49069 has been classified to as a Dangling pointer vulnerability or weakness.

Products Associated with CVE-2024-49069

Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.

Microsoft Excel

Microsoft Office

Microsoft 365 Apps

Microsoft Office Long Term Servicing Channel

Affected Versions

Microsoft Office 2019:

Version 19.0.0 and below https://aka.ms/OfficeSecurityReleases is affected.

Microsoft 365 Apps for Enterprise:

Version 16.0.1 and below https://aka.ms/OfficeSecurityReleases is affected.

Microsoft Office LTSC for Mac 2021:

Version 16.0.1 and below 16.92.24120731 is affected.

Microsoft Office LTSC 2021:

Version 16.0.1 and below https://aka.ms/OfficeSecurityReleases is affected.

Microsoft Office LTSC 2024:

Version 1.0.0 and below https://aka.ms/OfficeSecurityReleases is affected.

Microsoft Office LTSC for Mac 2024:

Version 1.0.0 and below 16.92.24120731 is affected.

Microsoft Excel 2016:

Version 16.0.0.0 and below 16.0.5478.1002 is affected.

Exploit Probability

EPSS

0.33%

Percentile

55.19%