Microsoft Excel Local Code Execution Vulnerability

2025.06.10
bg nu11secur1ty (BG) bg
Risk: High
Local: No
Remote: Yes
CVE: CVE-2025-27751
CWE: N/A

# Titles: Microsoft Excel Local Code Execution Vulnerability # Author: nu11secur1ty # Date: 06/09/2025 # Vendor: Microsoft # Software: https://www.microsoft.com/en/microsoft-365/excel?market=af # Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27751 # CVE-2025-27751 ## Description: The attacker can trick any user into opening and executing their code by sending a malicious DOCX file via email or a streaming server. After the execution of the victim, his machine can be infected or even worse than ever; this could be the end of his Windows machine! STATUS: HIGH-CRITICAL Vulnerability [+]Exploit: ``` Sub hello() Dim Program As String Dim TaskID As Double On Error Resume Next --------------------------------------- Program = "WRITE YOUR OWN EXPLOIT HERE" TaskID = ...YOUR TASK HERE... --------------------------------------- If Err <> 0 Then MsgBox "Can't start " & Program End If End Sub ``` # Reproduce: [href](https://www.youtube.com/watch?v=ArI0ZeChYE4) # Buy an exploit only: [href](https://satoshidisk.com/pay/COb5oS) # Time spent: 00:35:00 -- System Administrator - Infrastructure Engineer Penetration Testing Engineer Exploit developer at https://packetstormsecurity.com/ https://cve.mitre.org/index.html https://cxsecurity.com/ and https://www.exploit-db.com/ 0day Exploit DataBase https://0day.today/ home page: https://www.nu11secur1ty.com/ hiPEnIMR0v7QCo/+SEH9gBclAAYWGnPoBIQ75sCj60E= nu11secur1ty <http://nu11secur1ty.com/>


See this note in RAW Version
Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2025, cxsecurity.com

 

Back to Top