CVE-2025-0332

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Feb 12, 2025

Updated: Feb 21, 2025

CWE ID 22

Summary

CVE-2025-0332 is a vulnerability affecting the In Progress® Telerik® UI for WinForms software. Versions preceding Q1 2025 (2025.1.211) contain a flaw that permits an attacker to bypass the intended file decompression destination, potentially leading to unauthorized archive content being decompressed into restricted directories. This issue could result in unintended code execution or data exposure. Users are advised to update to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Telerik

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/2TFY6_
https://www.cve.org/CVERecord?id=CVE-2025-0332
https://nvd.nist.gov/vuln/detail/CVE-2025-0332

Back to Vulnerability Database

CVE-2025-0332

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations