CVE-2025-65814 – CVE-2025-65814 is a directory traversal vulnera... (How to Fix)

Q: What is the severity of CVE-2025-65814?

CVE-2025-65814 has a CVSS score of 6.5 (MEDIUM). CVE-2025-65814 is a directory traversal vulnerability in RHOPHI Analytics LLP Office App-Edit Word v6.4.1 that allows attackers to access files outside the intended directory through the file import process. This affects all users of the vulnerable Android application version who process untrusted files.

📋 TL;DR

CVE-2025-65814 is a directory traversal vulnerability in RHOPHI Analytics LLP Office App-Edit Word v6.4.1 that allows attackers to access files outside the intended directory through the file import process. This affects all users of the vulnerable Android application version who process untrusted files.

💻 Affected Systems

Products:

RHOPHI Analytics LLP Office App-Edit Word

Versions: v6.4.1

Operating Systems: Android

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects the specific Android application version; requires user to import a maliciously crafted file.

📦 What is this software?

Office App Edit Word\, Pdf File by A1apps

View all CVEs affecting Office App Edit Word\, Pdf File →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could read sensitive system files, extract credentials, or potentially write malicious files to execute arbitrary code with app permissions.

🟠

Likely Case

Unauthorized access to application data, configuration files, or other user documents stored on the device.

🟢

If Mitigated

Limited to accessing only files within the app's sandbox if proper input validation and path sanitization are implemented.

🌐 Internet-Facing: MEDIUM - Requires user interaction to import malicious files, but could be exploited via phishing or malicious websites.

🏢 Internal Only: LOW - Primarily affects individual mobile devices rather than internal network infrastructure.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires user interaction to import a malicious file, but the directory traversal technique itself is straightforward.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

1. Monitor Google Play Store for app updates. 2. Update to the latest version when available. 3. Verify the update addresses CWE-22 vulnerabilities.

🔧 Temporary Workarounds

Disable file import functionality

android

Prevent users from importing files into the application

Use alternative office applications

android

Switch to trusted office applications with proper security controls

🧯 If You Can't Patch

Restrict app permissions to minimal required access
Educate users about risks of importing untrusted files

🔍 How to Verify

Check if Vulnerable:

Check app version in Android Settings > Apps > Office App-Edit Word > App info

Check Version:

adb shell dumpsys package com.rhopi.office | grep versionName

Verify Fix Applied:

Verify app version is newer than v6.4.1 and test file import with path traversal payloads

📡 Detection & Monitoring

Log Indicators:

Unusual file access patterns
Failed path validation attempts
Access to files outside app sandbox

Network Indicators:

File downloads from untrusted sources followed by app file imports

SIEM Query:

app:"Office App-Edit Word" AND (event:"file_access" OR event:"import") AND path:"../"

📊 Metadata

CVE ID: CVE-2025-65814

CVSS v3 Score: 6.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

CWE: CWE-22

EPSS Score: 0.17% exploit probability (38th percentile)

Published: December 10, 2025

Last Updated: December 17, 2025

🔗 References

https://developer.android.com/privacy-and-security/risks/untrustworthy-contentprovider-provided-filename Exploit,Third Party Advisory,Mitigation
https://github.com/Secsys-FDU/AF_CVEs/issues/6 Exploit,Issue Tracking

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-65814, you might also want to check these: