CVE-2025-65814 identifies a directory traversal vulnerability in RHOPHI Analytics LLP Office App-Edit Word version 6.4.1. The root cause is a lack of adequate security checks during the file import process, which allows attackers to craft malicious file paths that traverse directories outside the intended import location. This can lead to unauthorized reading, modification, or overwriting of files on the host system. Directory traversal vulnerabilities typically exploit insufficient sanitization of user-supplied input, enabling attackers to use sequences like '../' to navigate the file system hierarchy. In this case, the vulnerability could be exploited remotely or locally depending on how the file import feature is exposed. No CVSS score has been assigned yet, and no patches or known exploits are currently documented. However, the vulnerability's nature suggests it could be leveraged to compromise system confidentiality and integrity without requiring authentication or user interaction, making it a serious threat. The absence of patches necessitates immediate attention to monitoring and mitigation strategies.

For European organizations, exploitation of this vulnerability could lead to unauthorized access to sensitive files, data leakage, or modification of critical documents, undermining confidentiality and integrity. This is particularly concerning for sectors such as finance, healthcare, government, and critical infrastructure where document integrity and confidentiality are paramount. Attackers could potentially overwrite configuration files or inject malicious code, leading to further system compromise or persistence. The lack of authentication requirements and user interaction lowers the barrier for exploitation, increasing the risk of widespread impact. Additionally, organizations relying on RHOPHI Analytics LLP Office App-Edit Word for document processing or collaboration may face operational disruptions. The reputational damage and regulatory consequences under GDPR for data breaches could be significant.

1. Immediately restrict file import functionality to trusted sources and disable it if not essential. 2. Implement strict validation and sanitization of all file paths used during import to prevent directory traversal sequences. 3. Monitor file system access logs for unusual or unauthorized file access patterns. 4. Employ application whitelisting and endpoint protection solutions to detect and block suspicious activities related to file manipulation. 5. Segregate systems running the vulnerable software from critical infrastructure to limit potential lateral movement. 6. Engage with RHOPHI Analytics LLP for timely patch releases and apply updates as soon as they become available. 7. Conduct internal audits of document handling workflows to identify and mitigate exposure. 8. Educate users about the risks of importing files from untrusted sources. 9. Consider deploying virtualized or sandboxed environments for handling untrusted documents to contain potential exploitation.