Saturday, December 7, 2024
HomeComputer SecurityCritical Security Vulnerability Affects All the Versions of 7-Zip Prior to 18.05

Critical Security Vulnerability Affects All the Versions of 7-Zip Prior to 18.05

Published on

SIEM as a Service

7-Zip is a free open source archiver with a high compression ratio. It is under the License of GNU LGPL & BSD 3-clause and can be used in any computers, including computers in the commercial organization.

The software is in use for more than 18 years its initial release was on 18 July 1999 and the last stable release on April 30, 2018, version 18.05.

A critical arbitrary code execution vulnerability discovered in 7-Zip affects all the versions of the software prior to 18.05.

- Advertisement - SIEM as a Service

By exploiting this vulnerability attackers could gain full access associated with the user profile and they can install view, change, or delete data; or create new accounts with full user rights.

Admin user accounts will be highly impacted by this vulnerability and the low privileged users are less impacted.

According to Center of Security threat intelligence “There are currently no reports of this vulnerability being exploited in the wild”.

The vulnerability is due to lack of address space layout randomization (ASLR) on the main executables (7zFM.exe, 7zG.exe, 7z.exe) which cause memory corruptions that lead to arbitrary code execution (CVE-2018-10115).

Mitigations

  • Update 7-Zip to the latest version 18.05.
  • Running the software as a non-privileged user.
  • Apply minimal privilege to all systems and services.
Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Top Five Industries Most Frequently Targeted by Phishing Attacks

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top...

Russian BlueAlpha APT Exploits Cloudflare Tunnels to Distribute Custom Malware

BlueAlpha, a Russian state-sponsored group, is actively targeting Ukrainian individuals and organizations by using...

Russian Hackers Hijacked Pakistani Actor Servers For C2 Communication

Secret Blizzard, a Russian threat actor, has infiltrated 33 command-and-control (C2) servers belonging to...

Sophisticated Celestial Stealer Targets Browsers to Steal Login Credentials

Researchers discovered Celestial Stealer, a JavaScript-based MaaS infostealer targeting Windows systems that, evading detection...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Poison Ivy APT Launches Continuous Cyber Attack on Defense, Gov, Tech & Edu Sectors

Researchers uncovered the resurgence of APT-C-01, also known as the Poison Ivy group, an...

Hackers Can Secretly Access ThinkPad Webcams by Disabling LED Indicator Light

In a presentation at the POC 2024 conference, cybersecurity expert Andrey Konovalov revealed a...

“Bootkitty” – A First Ever UEFI Bootkit Attack Linux Systems

Cybersecurity researchers have uncovered the first-ever UEFI bootkit designed to target Linux systems.This...