CVE-2025-4613
Client side RCE in Google Web Designer App
Path traversal in Google Web Designer's template handling versions prior to 16.3.0.0407 on Windows allows attacker to achieve remote code execution by tricking users into downloading a malicious ad template
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:A/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/S:N/AU:N/R:U/V:D/RE:L
Affected products
Google · Web Designer AppWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →