6 critical vulnerabilities in openOffice make phishing attacks easier. Patch immediately

Cybersecurity specialists report the finding of 6 critical vulnerabilities in OpenOffice, a discontinued open-source office suite developed by Apache Software Foundation. According to the report, successful exploitation of these flaws would allow the deployment of several attack variants.

Below is a brief description of the reported flaws, in addition to their respective tracking keys and scores assigned by the Common Vulnerability Scoring System (CVSS).

CVE-2021-28129: The incorrect default permissions implementation makes the DEB package to install using a userid and groupid of 500 instead of using root, which allows local users to escalate their privileges in the affected system.

This is a low severity flaw and received a CVSS score of 5.5/10.

CVE-2021-33035: A boundary error when processing dBase/DBF files in the affected application would allow remote threat actors to create a specially crafted DBF document in order to run arbitrary code through a memory corruption error.

The flaw received a CVSS score of 7.7/10, as it is considered a high severity vulnerability.

CVE-2021-40439: The dependency on an old expat software version allows remote malicious hackers to send a victim a specially crafted ODF file, leading to a denial of service (DoS) condition.

This is a medium severity flaw and received a 6.6/10 CVSS score.

CVE-2021-41831: The flawed signature verification in OpenOffice allows remote threat actors to manipulate signed documents’ timestamps.   

The vulnerability received a CVSS score of 3.8/10 and its successful exploitation would lead to complex spoofing attacks.

CVE-2021-41832: The incorrect signature verification in OpenOffice allows remote hackers to manipulate signed documents and macros and sending malicious content to target users.

This is a medium severity flaw and received a CVSS score of 5.7/10.

CVE-2021-41830: The incorrect signature verification in the affected application allows remote threat actors to craft malicious documents and make them look like they were sent from a trusted source.

The flaw received a CVSS score of 5.7/10.

According to the report, these flaws reside in the following OpenOffice versions: 4.0.0, 4.0.1, 4.1, 4.1.0, 4.1.1, 4.1.2, 4.1.3, 4.1.4, 4.1.5, 4.1.6, 4.1.7, 4.1.8, 4.1.9 & 4.1.10.

While some of these flaws can be exploited remotely by unauthenticated threat actors, cybersecurity experts have not detected active exploitation attempts or the existence of a malware variant associated with the attack.

Although there are no known exploitation attempts, the Apache Software Foundation recommends that users of affected deployments apply the updates as soon as possible.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.