Security vulnerability in LibreOffice puts Windows users at risk
Attackers can potentially execute malicious code in LibreOffice using specially crafted hyperlinks in documents.
A vulnerability in the widely used free office suite LibreOffice allows attackers to execute malicious code on other people's Windows systems. All that is required is for a specially crafted hyperlink in a document to be opened on the target system. The vulnerability is tracked as CVE-2025-0514 and is rated high severity, with a CVSS score of 7.2.
LibreOffice lets users open hyperlinks directly with one click while holding down the Ctrl key. As the developers of the office suite explain in a security advisory, the link in question is passed to the ShellExecute function of the Windows operating system.
LibreOffice blocks links to executable files so that merely opening a link cannot lead to potentially dangerous code execution. However, CVE-2025-0514 may allow this blocking mechanism to be bypassed, for example to execute malware.
A patch is available
According to the security advisory, the vulnerability can be exploited using special non-file URLs that ShellExecute interprets as Windows file paths. However, the LibreOffice developers do not explain in detail what these URLs look like. According to the advisory, LibreOffice versions 24.8.0 up to and including 24.8.4 are affected.
The vulnerability was fixed in version 24.8.5, released on February 20. Users are advised to update the office suite promptly to protect themselves against possible attacks. The latest version can be downloaded from the project's website. The developers do not say whether the newer LibreOffice 25.2 is affected.
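For administrators who need to find affected installations across many machines, the version range above can be checked against a software inventory export. The following is an added example, not code from the article or from the LibreOffice project; the CSV layout, host names and four-part version strings are constructed for illustration, and versions outside the 24.8 branch are reported as "not-listed" because the article gives no statement about them.

```python
import csv
import io
import re

# Version range taken from the article: 24.8.0 up to and including 24.8.4.
AFFECTED_MIN = (24, 8, 0)
AFFECTED_MAX = (24, 8, 4)
FIXED = (24, 8, 5)  # first fixed release named in the article

# Constructed sample inventory (hosts, column names and rows are made up).
SAMPLE_INVENTORY = """host,product,version
ws-001,LibreOffice 24.8.4.2,24.8.4.2
ws-002,LibreOffice 24.8.5.2,24.8.5.2
ws-003,LibreOffice 25.2.0.3,25.2.0.3
ws-004,LibreOffice 24.2.7.2,24.2.7.2
ws-005,LibreOffice,unknown
ws-006,Mozilla Firefox,135.0
"""

def parse_version(text):
    """Return (major, minor, patch) or None if the string is not a version."""
    m = re.match(r"^(\d+)\.(\d+)\.(\d+)", text.strip())
    return tuple(int(p) for p in m.groups()) if m else None

def classify(version_text):
    """Map a version string to a triage status for CVE-2025-0514."""
    v = parse_version(version_text)
    if v is None:
        return "unparsed"      # needs a manual check on the host
    if AFFECTED_MIN <= v <= AFFECTED_MAX:
        return "affected"      # update to 24.8.5 or later
    if v[:2] == (24, 8) and v >= FIXED:
        return "fixed"
    return "not-listed"        # the article makes no statement for this branch

def triage(csv_text):
    """Return {host: status} for every LibreOffice row in the inventory."""
    results = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["product"].lower().startswith("libreoffice"):
            results[row["host"]] = classify(row["version"])
    return results

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host}: {status}")
```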