CVE-2025-4613

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Google Web Designer versions prior to 16.3.0.0407

Description The issue allows an attacker to achieve remote code execution by tricking users into downloading a malicious ad template. This is due to path traversal in Google Web Designer's template handling on Windows.

Recommendations For versions prior to 16.3.0.0407, update to version 16.3.0.0407 or later to resolve the issue. As a temporary workaround, consider avoiding the download of ad templates from untrusted sources until the update is applied. Restrict access to template handling features in Google Web Designer to minimize the risk of exploitation.

Exploit

Fix

RCE

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22CWE-20

Related Identifiers

CVE-2025-4613

Affected Products

Web Designer App

Web Designer

CVE-2025-4613

Weakness Enumeration

Related Identifiers

Affected Products

References · 12