CVE-2025-65814 is a directory traversal vulnerability identified in RHOPHI Analytics LLP Office App-Edit Word version 6.4.1. This vulnerability stems from a lack of proper validation and sanitization of file paths during the file import process. Specifically, the application fails to restrict file path inputs, allowing an attacker to craft malicious file import requests that traverse directories beyond the intended import location. This can enable unauthorized reading of arbitrary files on the host system. The vulnerability does not require any privileges or user interaction, making it remotely exploitable over the network. The CVSS 3.1 base score is 6.5 (medium severity), with an attack vector of network (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), limited confidentiality impact (C:L), no integrity impact (I:N), and low availability impact (A:L). Although no public exploits have been reported yet, the vulnerability represents a significant risk for information disclosure, especially in environments where sensitive documents or configuration files reside on the same system. The CWE-22 classification confirms this is a classic directory traversal issue. No patches or mitigations have been officially released at the time of publication, increasing the urgency for affected organizations to monitor vendor updates and apply security best practices.

For European organizations, exploitation of this vulnerability could lead to unauthorized disclosure of sensitive files, including configuration files, user data, or intellectual property stored on systems running the vulnerable RHOPHI Analytics Office App-Edit Word. While the integrity of files is not directly affected, the confidentiality breach could expose business-critical information or personal data, potentially violating GDPR requirements. The limited availability impact might cause minor disruptions if critical files are accessed or locked during exploitation. Sectors such as finance, legal, and government agencies that rely heavily on document processing and analytics tools are at higher risk. The lack of authentication and user interaction requirements means attackers can remotely exploit this vulnerability without insider access, increasing the threat surface. Although no known exploits exist yet, the medium severity rating and network accessibility necessitate proactive defense measures to prevent potential data breaches and compliance violations.

1. Monitor RHOPHI Analytics LLP communications and security advisories closely for official patches or updates addressing CVE-2025-65814 and apply them promptly once available. 2. Implement strict input validation and sanitization on file import paths at the application or network level, using allowlists to restrict file locations. 3. Employ network segmentation and firewall rules to limit external access to systems running the vulnerable software, reducing exposure to remote attacks. 4. Use endpoint detection and response (EDR) tools to monitor for suspicious file access patterns indicative of directory traversal attempts. 5. Enforce the principle of least privilege on file system permissions, ensuring the application runs with minimal rights and cannot access sensitive directories unnecessarily. 6. Conduct regular security audits and penetration tests focusing on file handling functionalities to identify and remediate similar vulnerabilities. 7. Educate IT and security teams about the risks of directory traversal and the importance of secure file import mechanisms.