Hancom Office DOC File Parsing Type Confusion Remote Code Execution Vulnerability

Hancom Office contains a remote code execution vulnerability (CVE-2025-29867) that allows attackers to execute arbitrary code if a user opens a malicious file or visits a malicious webpage, rated as high severity with a CVSS score of 7.8. An attacker exploiting this flaw can gain full code execution on affected systems, potentially compromising user data and system integrity. Security teams should prioritize patching Hancom Office installations and educate users to avoid opening untrusted files or visiting suspicious links until patches are available.