
CVE-2025-53505: Improper limitation of a pathname to a restricted directory ('Path Traversal') in Intermesh BV Group-Office

Severity: Medium
Type: Vulnerability
CVE ID: CVE-2025-53505
Published: Thu Aug 21 2025 (08/21/2025, 04:29:44 UTC)
Source: CVE Database V5
Vendor/Project: Intermesh BV
Product: Group-Office

Description

Group-Office versions prior to 6.8.119 and prior to 25.0.20 provided by Intermesh BV contain a path traversal vulnerability. If this vulnerability is exploited, information on the server hosting the product may be exposed.

AI-Powered Analysis

Last updated: 08/21/2025, 04:47:41 UTC

Technical Analysis

CVE-2025-53505 is a path traversal vulnerability identified in Intermesh BV's Group-Office product, affecting versions prior to 6.8.119 and prior to 25.0.20. The vulnerability arises from improper limitation of pathname inputs, allowing an attacker with some level of authenticated access (the CVSS vector requires low privileges) to manipulate file paths and read files outside the intended restricted directories. Exploiting this flaw could lead to unauthorized disclosure of sensitive information stored on the server hosting Group-Office. The vulnerability does not directly impact integrity or availability, but it compromises confidentiality by exposing potentially sensitive server files. The CVSS score of 4.3 (medium severity) reflects that the attack can be performed remotely over the network without user interaction but requires low privileges, meaning an attacker must already hold some authenticated access to the system. No exploits are currently reported in the wild, but the vulnerability is publicly disclosed and patched in versions 6.8.119 and 25.0.20. Group-Office is a collaborative software suite used for email, project management, and document sharing, often deployed in enterprise environments, which makes a confidentiality breach significant if the flaw is exploited.

Potential Impact

For European organizations using Group-Office, this vulnerability poses a risk of sensitive internal information leakage, including potentially confidential documents, configuration files, or user data stored on the server. Since Group-Office is commonly used in business and governmental environments for collaboration and communication, unauthorized access to server files could lead to exposure of intellectual property, personal data protected under GDPR, or internal operational details. This could result in reputational damage, regulatory penalties, and loss of competitive advantage. The medium severity suggests that while the risk is not immediately critical, organizations should prioritize patching to prevent attackers with low-level access from escalating their information gathering capabilities. The lack of known active exploitation reduces immediate urgency but does not eliminate the threat, especially as attackers could develop exploits following public disclosure.

Mitigation Recommendations

European organizations should immediately verify their Group-Office versions and upgrade to version 6.8.119 or later (or 25.0.20 or later), where the vulnerability is patched. In addition to patching, organizations should implement strict access controls to limit authenticated user privileges, minimizing the risk of low-privilege users exploiting this vulnerability. Regularly audit file permissions and server directory structures to ensure sensitive files are not unnecessarily readable by the application's service account. Employ web application firewalls (WAFs) with rules to detect and block path traversal attempts. Monitoring and logging access to critical files and directories can help detect exploitation attempts early. Finally, conduct user training to reduce the risk of credential compromise that could give attackers the required low-level privileges.


Technical Details

Data Version: 5.1
Assigner Short Name: jpcert
Date Reserved: 2025-07-01T07:31:26.725Z
CVSS Version: 3.0
State: PUBLISHED

Threat ID: 68a6a170ad5a09ad000b7263

Added to database: 8/21/2025, 4:32:48 AM

Last enriched: 8/21/2025, 4:47:41 AM

Last updated: 8/21/2025, 4:47:41 AM
