Remote documents loaded without prompt via IFrame
CVE-2023-2255

5.3MEDIUM

Key Information:

Vendor

The Document Foundation

Status
LibreOffice
Vendor
CVE Published:
25 May 2023

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC๐ŸŸฃ EPSS 47%

What is CVE-2023-2255?

Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of LibreOffice documents that used "floating frames" linked to external files, would load the contents of those frames without prompting the user for permission to do so. This was inconsistent with the treatment of other linked content in LibreOffice. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.7; 7.5 versions prior to 7.5.3.

Affected Version(s)

LibreOffice 7.4 < 7.4.7

LibreOffice 7.5 < 7.5.3

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2023-2255
Created by elweth-sec

CVE-2023-2255
Created by G4sp4rCS

References

https://www.libreoffice.org/about-us/security/advisories/...
https://www.debian.org/security/2023/dsa-5415
vendor-advisory
https://lists.debian.org/debian-lts-announce/2023/08/msg0...
mailing-list

EPSS Score

47% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Amel Bouziane-Leblond for discovering and reporting the issue
JSON
.