CVE-2025-14714

Name
CVE-2025-14714
Description
An Authentication Bypass vulnerability existed where the application bundled an interpreter (Python) that inherits the Transparency, Consent, and Control (TCC) permissions granted by the user to the main application bundle By executing the bundled interpreter directly the attacker's scripts run with the application's TCC privileges In fixed versions parent-constraints are used to allow only the main application to launch interpreter with those permissions This issue affects LibreOffice on macOS: from 25.2 before < 25.2.4.
NVD Severity
low
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
security@documentfoundation.org https://www.libreoffice.org/about-us/security/advisories/cve-2025-14714

Match rules

CPE URI Source package Min version Max version
libreoffice == 25.2 == None

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
libreoffice edge-community 25.8.1.1-r7 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 25.8.1.1-r6 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 25.8.1.1-r5 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 25.8.1.1-r4 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 25.8.1.1-r3 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 25.8.1.1-r2 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 25.8.1.1-r1 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 25.8.1.1-r0 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 25.2.5.2-r2 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 25.2.5.2-r1 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 25.2.5.2-r0 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 25.2.4.3-r2 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 25.2.4.3-r1 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 25.2.4.3-r0 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 25.2.3.2-r1 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 25.2.3.2-r0 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 25.2.2.2-r0 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 25.2.1.2-r3 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 25.2.1.2-r2 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 25.2.1.2-r1 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 25.2.1.2-r0 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 25.2.0.3-r0 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 24.8.4.2-r1 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 24.8.4.2-r0 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 7.6.7.2-r2 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 7.6.7.2-r0 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 7.3.6.2-r0 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 7.2.7.2-r0 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 7.2.5.2-r0 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 7.2.2.2-r0 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice edge-community 6.4.4.2-r0 None possibly vulnerable
libreoffice edge-community 6.4.3.2-r0 None possibly vulnerable
libreoffice edge-community 6.3.1.2-r0 None possibly vulnerable
libreoffice edge-community 6.3.0.4-r0 None possibly vulnerable
libreoffice edge-community 6.2.5.2-r0 None possibly vulnerable
libreoffice 3.23-community 25.8.1.1-r5 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice 3.22-community 25.2.5.2-r0 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice 3.22-community 7.6.7.2-r2 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
libreoffice 3.22-community 7.6.7.2-r0 None possibly vulnerable
libreoffice 3.22-community 7.3.6.2-r0 None possibly vulnerable
libreoffice 3.22-community 7.2.7.2-r0 None possibly vulnerable
libreoffice 3.22-community 7.2.5.2-r0 None possibly vulnerable
libreoffice 3.22-community 7.2.2.2-r0 None possibly vulnerable
libreoffice 3.22-community 6.4.4.2-r0 None possibly vulnerable
libreoffice 3.22-community 6.4.3.2-r0 None possibly vulnerable
libreoffice 3.22-community 6.3.1.2-r0 None possibly vulnerable
libreoffice 3.22-community 6.3.0.4-r0 None possibly vulnerable
libreoffice 3.22-community 6.2.5.2-r0 None possibly vulnerable