CVE-2025-29867

Name of the Vulnerable Software and Affected Versions Hancom Office 2018 versions prior to 10.0.0.12681 Hancom Office 2020 versions prior to 11.0.0.8916 Hancom Office 2022 versions prior to 12.0.0.4426 Hancom Office 2024 versions prior to 13.0.0.3050

Description An Access of Resource Using Incompatible Type ('Type Confusion') issue exists in Hancom Office 2018, Hancom Office 2020, Hancom Office 2022, and Hancom Office 2024. This issue allows for File Content Injection. A 'Type Confusion' occurs when a program attempts to access a resource using an incorrect data type, potentially leading to unexpected behavior or security compromises.

Recommendations Hancom Office 2018 versions prior to 10.0.0.12681 should be updated to version 10.0.0.12681 or later. Hancom Office 2020 versions prior to 11.0.0.8916 should be updated to version 11.0.0.8916 or later. Hancom Office 2022 versions prior to 12.0.0.4426 should be updated to version 12.0.0.4426 or later. Hancom Office 2024 versions prior to 13.0.0.3050 should be updated to version 13.0.0.3050 or later.