CVE-2025-66687: n/a
Doom Launcher 3.8.1.0 is vulnerable to Directory Traversal due to missing file path validation during the extraction of game files
AI Analysis
Technical Summary
CVE-2025-66687 identifies a directory traversal vulnerability in Doom Launcher version 3.8.1.0, an application used to manage and launch Doom game files. The vulnerability stems from the software's failure to properly validate file paths during the extraction of game files. Specifically, when extracting compressed or packaged game files, the launcher does not sanitize or restrict file paths, allowing an attacker to craft malicious archive files containing path traversal sequences (e.g., '../') that can cause files to be written outside the intended extraction directory. This can lead to overwriting critical system or application files, potentially allowing arbitrary code execution or privilege escalation if the launcher runs with elevated permissions. The vulnerability does not require prior authentication but does require the attacker to convince a user to extract a maliciously crafted game file, implying some level of user interaction. No CVSS score has been assigned yet, and no patches or known exploits have been reported as of the publication date. The lack of file path validation is a common security oversight that can have severe consequences, especially if the launcher runs with high privileges or if the overwritten files are executed by the system or other applications. The vulnerability highlights the importance of secure handling of file extraction and input validation in software that processes external content.
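The path validation whose absence is described above can be illustrated as follows. This is an added example, not Doom Launcher's code or a vendor patch: it assumes a ZIP archive (the advisory only says "compressed or packaged game files"), and the function names `is_unsafe_member`, `safe_extract` and `build_sample_zip` are hypothetical.

```python
import io
import ntpath
import os
import zipfile


def is_unsafe_member(name: str, dest_dir: str) -> bool:
    """True if an archive entry name would resolve outside dest_dir."""
    # Treat backslashes as separators so Windows-style names are caught on any OS.
    normalized = name.replace("\\", "/")
    # Absolute paths and drive-letter/UNC paths ignore the destination entirely.
    if normalized.startswith("/") or ntpath.splitdrive(name)[0]:
        return True
    root = os.path.realpath(dest_dir)
    target = os.path.realpath(os.path.join(root, normalized))
    # commonpath equals root only when target is root itself or below it.
    return os.path.commonpath([root, target]) != root


def safe_extract(archive: zipfile.ZipFile, dest_dir: str) -> list[str]:
    """Extract every entry, or nothing at all if any entry escapes dest_dir."""
    bad = [n for n in archive.namelist() if is_unsafe_member(n, dest_dir)]
    if bad:
        raise ValueError(f"archive rejected, entries escape destination: {bad}")
    written = []
    for info in archive.infolist():
        if info.is_dir():
            continue
        target = os.path.join(dest_dir, info.filename.replace("\\", "/"))
        os.makedirs(os.path.dirname(target), exist_ok=True)
        with archive.open(info) as src, open(target, "wb") as dst:
            dst.write(src.read())
        written.append(target)
    return written


def build_sample_zip(names: list[str]) -> zipfile.ZipFile:
    """Constructed in-memory archive used as sample input."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for n in names:
            zf.writestr(n, b"constructed sample data")
    buf.seek(0)
    return zipfile.ZipFile(buf)
```

The whole archive is validated before any file is written, so a single escaping entry leaves the destination untouched rather than partially populated.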
Potential Impact
The primary impact of this vulnerability is the potential for arbitrary file overwrite on affected systems, which can lead to several severe consequences. Attackers could overwrite critical system files, configuration files, or executable binaries, resulting in system instability, denial of service, or privilege escalation. If exploited, this could allow remote code execution, enabling attackers to take full control of the affected machine. For organizations, this poses risks including data breaches, disruption of operations, and potential lateral movement within networks if compromised hosts are connected to corporate environments. The impact is particularly significant in environments where Doom Launcher is used on shared or enterprise systems, or where users have administrative privileges. Although no exploits are currently known in the wild, the vulnerability's nature makes it a high-risk target for attackers once weaponized. The absence of a patch increases exposure time, emphasizing the need for proactive mitigation.
Mitigation Recommendations
To mitigate this vulnerability, users and organizations should implement several specific measures beyond generic advice:
1) Immediately restrict the permissions of the Doom Launcher application to run with the least privileges necessary, avoiding administrative or system-level rights.
2) Implement application whitelisting and file integrity monitoring on systems running Doom Launcher to detect unauthorized file modifications.
3) Educate users to avoid extracting game files from untrusted or unknown sources to reduce the risk of malicious archive files.
4) Use sandboxing or containerization techniques to isolate the launcher and its file extraction processes, limiting the potential impact of exploitation.
5) Monitor official Doom Launcher channels for security updates or patches and apply them promptly once available.
6) Employ endpoint detection and response (EDR) solutions to detect suspicious file system activity indicative of exploitation attempts.
7) Network segmentation can help contain potential breaches originating from compromised gaming systems.
These targeted steps help reduce the attack surface and limit the damage if exploitation occurs.
Affected Countries
United States, Germany, United Kingdom, Canada, Australia, France, South Korea, Japan, Brazil, Russia
Technical Details
- Data Version: 5.2
- Assigner Short Name: mitre
- Date Reserved: 2025-12-08T00:00:00.000Z
- Cvss Version: null
- State: PUBLISHED
Threat ID: 69b83bfc9d4df4518377219a
Added to database: 3/16/2026, 5:21:00 PM
Last enriched: 3/16/2026, 5:36:44 PM
Last updated: 3/16/2026, 7:24:09 PM