# Titles: Microsoft Excel Use After Free - Local Code Execution
# Author: nu11secur1ty
# Date: 06/09/2025
# Vendor: Microsoft
# Software: https://www.microsoft.com/en/microsoft-365/excel?market=af
# Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27751
# Versions: MS Excel 2016, MS Office Online Server KB5002699
# CVE-2025-27751

## Description:
The attacker can trick any user into opening and executing their code by
sending a malicious DOCX file via email or a streaming server.
After the execution of the victim, his machine can be infected or even
worse than ever; this could be the end of his Windows machine!

STATUS: HIGH-CRITICAL Vulnerability


[+]Exploit:

```
Sub hello()
Dim Program As String
Dim TaskID As Double
On Error Resume Next
---------------------------------------
Program = "WRITE YOUR OWN EXPLOIT HERE"
TaskID = ...YOUR TASK HERE...
---------------------------------------
If Err <> 0 Then
MsgBox "Can't start " & Program
End If
End Sub
```

# Reproduce:
[href](https://www.youtube.com/watch?v=ArI0ZeChYE4)

# Buy an exploit only:
[href](https://satoshidisk.com/pay/COb5oS)

# Time spent:
00:35:00


-- 
System Administrator - Infrastructure Engineer
Penetration Testing Engineer
Exploit developer at https://packetstormsecurity.com/
https://cve.mitre.org/index.html
https://cxsecurity.com/ and https://www.exploit-db.com/
0day Exploit DataBase https://0day.today/
home page: https://www.nu11secur1ty.com/
hiPEnIMR0v7QCo/+SEH9gBclAAYWGnPoBIQ75sCj60E=
                          nu11secur1ty <http://nu11secur1ty.com/>

-- 

System Administrator - Infrastructure Engineer
Penetration Testing Engineer
Exploit developer at https://packetstorm.news/
https://cve.mitre.org/index.html
https://cxsecurity.com/ and https://www.exploit-db.com/
0day Exploit DataBase https://0day.today/
home page: https://www.nu11secur1ty.com/
hiPEnIMR0v7QCo/+SEH9gBclAAYWGnPoBIQ75sCj60E=
                          nu11secur1ty <http://nu11secur1ty.com/>