Critical Security Vulnerability Affects All the Versions of 7-Zip Prior to 18.05

7-Zip is a free open source archiver with a high compression ratio. It is under the License of GNU LGPL & BSD 3-clause and can be used in any computers, including computers in the commercial organization.

The software is in use for more than 18 years its initial release was on 18 July 1999 and the last stable release on April 30, 2018, version 18.05.

A critical arbitrary code execution vulnerability discovered in 7-Zip affects all the versions of the software prior to 18.05.

By exploiting this vulnerability attackers could gain full access associated with the user profile and they can install view, change, or delete data; or create new accounts with full user rights.

Admin user accounts will be highly impacted by this vulnerability and the low privileged users are less impacted.

According to Center of Security threat intelligence “There are currently no reports of this vulnerability being exploited in the wild”.

The vulnerability is due to lack of address space layout randomization (ASLR) on the main executables (7zFM.exe, 7zG.exe, 7z.exe) which cause memory corruptions that lead to arbitrary code execution (CVE-2018-10115).

Mitigations

  • Update 7-Zip to the latest version 18.05.
  • Running the software as a non-privileged user.
  • Apply minimal privilege to all systems and services.
Guru baran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

PrestaShop Website Under Injection Attack Via Facebook Module

A critical vulnerability has been discovered in the "Facebook" module (pkfacebook) from Promokit.eu for PrestaShop. The vulnerability, CVE-2024-36680, allows a…

24 hours ago

Beware Of Illegal OTT Platforms That Exposes Sensitive Personal Information

A recent rise in data breaches from illegal Chinese OTT platforms exposes that user information, including names and financial details,…

1 day ago

Beware Of Zergeca Botnet with Advanced Scanning & Persistence Features

A new botnet named Zergeca has emerged, showcasing advanced capabilities that set it apart from typical Distributed Denial of Service…

1 day ago

Mailcow Mail Server Vulnerability Let Attackers Execute Remote Code

Two critical vulnerabilities (CVE-2024-31204 and CVE-2024-30270) affecting Mailcow versions before 2024-04 allow attackers to execute arbitrary code on the server.…

1 day ago

Hackers Attacking Vaults, Buckets, And Secrets To Steal Data

Hackers target vaults, buckets, and secrets to access some of the most classified and valuable information, including API keys, logins,…

1 day ago

Hackers Weaponizing Windows Shortcut Files for Phishing

LNK files, a shortcut file type in Windows OS, provide easy access to programs, folders, or websites. Created automatically during…

1 day ago