Plattform
windows
Komponente
microsoft-access
Behoben in
16.0.5530.1000
https://aka.ms/OfficeSecurityReleases
https://aka.ms/OfficeSecurityReleases
CVE-2025-62552 describes a Remote Code Execution (RCE) vulnerability within Microsoft Access. This flaw allows an unauthorized attacker to execute code locally by exploiting a relative path traversal issue. The vulnerability impacts versions of Microsoft Access before 16.0.0 and has been addressed in recent security updates. Microsoft has released security updates to resolve this issue.
The impact of CVE-2025-62552 is significant due to its RCE nature. A successful exploit allows an attacker to execute arbitrary code on the affected system with the privileges of the user running Microsoft Access. This could lead to complete system compromise, data theft, installation of malware, or lateral movement within the network. The relative path traversal aspect suggests the vulnerability might be triggered by processing specially crafted files or database objects, potentially bypassing security controls if not properly validated. This vulnerability shares similarities with other path traversal exploits where attackers manipulate file paths to access unauthorized resources.
CVE-2025-62552 was published on 2025-12-09. The vulnerability's severity is rated as HIGH (CVSS 7.8). Currently, there are no publicly available proof-of-concept exploits. It is not listed on the CISA KEV catalog as of this writing. Active exploitation campaigns are not currently confirmed, but the RCE nature of the vulnerability warrants proactive mitigation.
Organizations heavily reliant on Microsoft Access for data management, particularly those with legacy Access databases or those that allow users to open Access files from external sources, are at heightened risk. Shared hosting environments where multiple users access the same Access database are also particularly vulnerable.
• windows / supply-chain:
Get-Process -Name "MSACCESS"
Get-WinEvent -LogName Application -FilterXPath "*[System[Provider[@Name='Microsoft-Windows-Access' and (EventID=1001)]]]"• windows / server:
reg query "HKCU\Software\Microsoft\Office\16.0\Access\Security" /v AllowAccessToFilesFromDifferentTrustZone• generic web: Inspect Access files received from external sources for suspicious relative path references.
disclosure
Exploit-Status
EPSS
0.08% (24% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation for CVE-2025-62552 is to upgrade Microsoft Access to version 16.0.0 or later, as the vulnerability has been patched in these releases. If immediate upgrading is not possible, consider restricting access to Microsoft Access databases and implementing strict file validation controls. Review and harden file permissions to prevent unauthorized access to sensitive data. Monitor system logs for suspicious activity related to file access and execution. After upgrading, confirm the fix by attempting to reproduce the vulnerability with a known exploit vector and verifying that the attempt fails.
Aplica las actualizaciones de seguridad proporcionadas por Microsoft a través de Microsoft 365 Apps para Enterprise. Consulta https://aka.ms/OfficeSecurityReleases para obtener más información sobre las actualizaciones disponibles y cómo instalarlas.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2025-62552 is a Remote Code Execution (RCE) vulnerability in Microsoft Access allowing attackers to execute code locally via a crafted relative path. It has a HIGH severity rating and affects versions prior to 16.0.0.
You are affected if you are using Microsoft Access versions prior to 16.0.0. Check your version and upgrade to the latest Microsoft Office Security Releases to mitigate the risk.
The recommended fix is to upgrade to the latest Microsoft Office Security Releases available at https://aka.ms/OfficeSecurityReleases. Consider restricting access to files from untrusted sources as an interim measure.
While no active exploitation has been confirmed, the vulnerability's nature suggests that exploits are likely to emerge. Monitor security advisories and threat intelligence feeds.
You can find the official Microsoft advisory at https://aka.ms/OfficeSecurityReleases.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.