Primary

Context

MindManager Windows Directory Traversal Vulnerability Allowing Arbitrary File Write

Vulnerability

A directory traversal vulnerability has been identified in MindManager for Windows, affecting versions prior to 24.1.150. This vulnerability allows attackers to write to unintended directories on the victim's machine. The issue arises when a user opens file attachments contained within malicious mmap files.

Impact

Exploitation of this vulnerability could lead to unauthorized writing of files in unexpected directories on the victim's machine.

Reproduction

To reproduce this vulnerability, open a malicious mmap file that contains file attachments. When the file attachments are opened, the vulnerability is triggered, allowing for directory traversal and arbitrary file writing.

Added: Aug 22, 2025, 2:28 PM

Updated: Aug 22, 2025, 3:19 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.8

remediation

0.0

relevance

0.4

threat

1.6

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.8

remediation

0.0

relevance

0.4

threat

1.6

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

MindManager Windows Directory Traversal Vulnerability Allowing Arbitrary File Write

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating