CVE-2025-53730: 
vulnerability analysis and mitigation

A use-after-free vulnerability has been identified in Microsoft Office Visio (CVE-2025-53730) that allows an unauthorized attacker to execute code locally. The vulnerability was discovered and disclosed on August 12, 2025, affecting various Microsoft Office products including Microsoft 365 Apps Enterprise, Office 2019, Office LTSC 2021, Office 2021, Office LTSC 2024, and Office 2024 (NVD).

The vulnerability is classified as a use-after-free (CWE-416) issue with a CVSS v3.1 base score of 7.8 (HIGH). The attack vector is local (AV:L) with low attack complexity (AC:L), requiring no privileges (PR:N) but user interaction (UI:R). The scope is unchanged (S:U) with high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H) (NVD).

If exploited, this vulnerability allows an unauthorized attacker to execute code locally on the affected system, potentially leading to complete compromise of the system's confidentiality, integrity, and availability (NVD).

Microsoft has released security updates to address this vulnerability as part of their August 2025 security updates. Affected users are advised to update their Microsoft Office installations to the latest version (Microsoft Updates).