CVE-2025-0514

CVE-2025-0514 is an Improper Input Validation vulnerability (CWE-20) in The Document Foundation's LibreOffice. The flaw allows Windows Executable hyperlink targets within documents to be executed unconditionally upon activation. This issue affects LibreOffice versions from 24.8 prior to 24.8.5 and has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).

Exploitation requires an attacker to deliver a malicious LibreOffice document to a target user, who must then open it locally and activate a hyperlink pointing to a Windows executable, such as by clicking it. No special privileges are needed (PR:N), but local attack vector (AV:L) and user interaction (UI:R) are required, with low complexity (AC:L). Successful activation leads to arbitrary code execution with high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H), running the executable in the context of the user.

The LibreOffice security advisory at https://www.libreoffice.org/about-us/security/advisories/cve-2025-0514 provides details on the vulnerability. Mitigation involves updating to LibreOffice 24.8.5 or later, where the improper validation of hyperlink targets has been addressed.