Icare1337

**Name of the Vulnerable Software and Affected Versions** Collabora Online versions prior to 22.05.25 Collabora Online versions prior to 23.05.19 Collabora Online versions prior to 24.04.12.4 **Description** The issue concerns Collabora Online, a collaborative online office suite based on LibreOffice. By default, macro support is disabled, but administrators can enable it. When macros are enabled, they can run executable binaries, potentially allowing the installation and execution of arbitrary binaries within a restricted environment. This could be used to bypass network access limits and provide a platform for further exploitation attempts. **Recommendations** For versions prior to 22.05.25, update to version 22.05.25 or later to resolve the issue. For versions prior to 23.05.19, update to version 23.05.19 or later to resolve the issue. For versions prior to 24.04.12.4, update to version 24.04.12.4 or later to resolve the issue. As a temporary workaround, consider disabling macro support in Collabora Online until a patch is available.