CVE-2021-25635

Content Manipulation with Certificate Validation Attack

Severity Score

5.2

*CVSS v4

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track*

*SSVC

Descriptions

An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign an ODF document, with a signature untrusted by the target, then modify it to change the signature algorithm to an invalid (or unknown to LibreOffice) algorithm and LibreOffice would incorrectly present such a signature with an unknown algorithm as a valid signature issued by a trusted person This issue affects LibreOffice: from 7.0 before 7.0.5, from 7.1 before 7.1.1.

A flaw was found in LibreOffice, where it improperly validated signatures for algorithms that were not verified. This flaw leads to LibreOffice presenting a valid signature when the validity of the signature was not verified. The highest threat from this vulnerability is to confidentiality and integrity.

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.

*Credits: NDS of Ruhr University Bochum

CVSS Scores

Attack Vector

Local

Attack Complexity

High

Attack Requirements

None

Privileges Required

None

User Interaction

Passive

System

Vulnerable | Subsequent

Confidentiality

Low

High

Integrity

Low

High

Availability

None

High

Attack Vector

Local

Attack Complexity

High

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

High

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:Track*

Exploitation

None

Automatable

Tech. Impact

Total

* Organization's Worst-case Scenario

Timeline

2021-01-19 CVE Reserved
2022-05-11 CVE Published
2025-03-21 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-295: Improper Certificate Validation

CAPEC

CAPEC-475: Signature Spoofing by Improper Validation

References (3)

URL	Tag	Source
https://www.libreoffice.org/about-us/security/advisories/cve-2021-25635

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2021-25635	2022-05-10
https://bugzilla.redhat.com/show_bug.cgi?id=2013152	2022-05-10

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
The Document Foundation Search vendor "The Document Foundation"		LibreOffice Search vendor "The Document Foundation" for product "LibreOffice"				>= 7.0.0 < 7.0.5 Search vendor "The Document Foundation" for product "LibreOffice" and version " >= 7.0.0 < 7.0.5"		en		Affected
The Document Foundation Search vendor "The Document Foundation"		LibreOffice Search vendor "The Document Foundation" for product "LibreOffice"				>= 7.1.0 < 7.1.1 Search vendor "The Document Foundation" for product "LibreOffice" and version " >= 7.1.0 < 7.1.1"		en		Affected