How severe is CVE-2024-41165?

CVE-2024-41165 has a CVSS v3 score of 7.1 (HIGH).

CVE-2024-41165

Name: word
Author: microsoft

7.1HIGH

A library injection vulnerability exists in Microsoft Word 16.83 for macOS. A specially crafted library can leverage Word's access privileges, leading to a permission bypass. A malicious application c

Published: 12/18/2024Updated: 8/22/2025

Description

A library injection vulnerability exists in Microsoft Word 16.83 for macOS. A specially crafted library can leverage Word's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.

AI AnalysisPowered by AI

Affected Products

microsoftword

16.83

References

https://talosintelligence.com/vulnerability_reports/TALOS-2024-1977
ExploitThird Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1977
ExploitThird Party Advisory