Path Traversal Vulnerability in Google Web Designer
CVE-2025-4613

7.1HIGH

Key Information:

Vendor: Google
Status: Web Designer App
Vendor: CVE Published:; 12 June 2025

What is CVE-2025-4613?

A path traversal vulnerability exists in Google Web Designer's template handling process within versions before 16.3.0.0407 on Windows. This flaw allows attackers to exploit the software by deceiving users into downloading a compromised advertisement template, subsequently enabling unauthorized remote code execution. This risk emphasizes the importance of maintaining updated software versions to guard against exploitation via malicious files.

Affected Version(s)

Web Designer App Windows 0 < 16.3.0.0407

References

https://balintmagyar.com/articles/google-web-designer-pat...

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 12, 2025
Vulnerability Reserved
May 12, 2025

Credit

Bálint Magyar