A critical security vulnerability, CVE-2025-1080, in LibreOffice was discovered, potentially exposing millions of users to remote code execution via manipulated macro URLs. The vulnerability, present in versions before 24.8.5 and 25.2.1, enabled attackers to bypass security protocols and execute arbitrary scripts, posing a significant risk to document collaboration workflows. The flaw was particularly dangerous in SharePoint-integrated environments, allowing attackers to embed malicious payloads in document-sharing links that could compromise networks without users downloading any files. The use of such links could lead to ransomware deployment or data exfiltration.
Source: https://cybersecuritynews.com/libreoffice-vulnerability-arbitrary-script/
TPRM report: https://scoringcyber.rankiteo.com/company/dod-osbp
{
  "id": "dod405030625",
  "linkid": "dod-osbp",
  "type": "Vulnerability",
  "date": "3/2025",
  "severity": "85",
  "impact": "4",
  "explanation": "Attack with significant impact with customers data leaks"
}
{'affected_entities': [{'customers_affected': 'millions of users',
                        'industry': 'Software',
                        'name': 'LibreOffice',
                        'type': 'Software'}],
 'attack_vector': 'Manipulated macro URLs',
 'description': 'A critical security vulnerability, CVE-2025-1080, in '
                'LibreOffice was discovered, potentially exposing millions of '
                'users to remote code execution via manipulated macro URLs. '
                'The vulnerability, present in versions before 24.8.5 and '
                '25.2.1, enabled attackers to bypass security protocols and '
                'execute arbitrary scripts, posing a significant risk to '
                'document collaboration workflows. The flaw was particularly '
                'dangerous in SharePoint-integrated environments, allowing '
                'attackers to embed malicious payloads in document-sharing '
                'links that could compromise networks without users '
                'downloading any files. The use of such links could lead to '
                'ransomware deployment or data exfiltration.',
 'impact': {'systems_affected': 'LibreOffice versions before 24.8.5 and '
                                '25.2.1'},
 'initial_access_broker': {'entry_point': 'Manipulated macro URLs'},
 'motivation': ['Ransomware deployment', 'Data exfiltration'],
 'title': 'CVE-2025-1080 Vulnerability in LibreOffice',
 'type': 'Remote Code Execution',
 'vulnerability_exploited': 'CVE-2025-1080'}