Cyber Security News

WinZip Vulnerability Allows Remote Attackers to Execute Arbitrary Code

A newly discovered vulnerability in WinZip, a popular file compression and archiving utility, has raised alarms among cybersecurity experts.

Identified as CVE-2025-1240, this critical flaw allows remote attackers to execute arbitrary code on a victim’s system under specific conditions. Users are strongly advised to update their software to mitigate the risk.

Key Details of the Vulnerability

The vulnerability, disclosed under ZDI-25-047 and ZDI-CAN-24986, stems from an issue in the parsing of 7Z files—a file format commonly associated with compressed archives.

Improper validation of user-supplied data can result in an out-of-bounds write, enabling attackers to potentially execute malicious code in the current process.

This flaw has earned a CVSS score of 7.8 (High), reflecting its severity and potential impact on confidentiality, integrity, and availability.

For the attack to succeed, user interaction is required, such as opening a malicious 7Z file or visiting a web page that hosts one.

Despite requiring user interaction, the possibility of executing arbitrary code makes this vulnerability highly dangerous, particularly as it could lead to full system compromise if exploited successfully.

According to a report by the Zero Day Initiative, the vulnerability was initially reported to the vendor, WinZip Computing, on September 4, 2024.

Following months of investigation and remediation efforts, an official patch was released as part of WinZip 29.0. 

The advisory was publicly disclosed on January 20, 2025, and later updated on February 11, 2025, to include further clarifications.

To address the issue, users are strongly urged to update their software to WinZip 29.0 or later.

The update incorporates fixes to the parsing mechanism, ensuring better validation and secure handling of 7Z files.
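To check a fleet against the fixed release, the following added example (not from the article or from WinZip) audits a software inventory export and flags hosts still below WinZip 29.0. The CSV column names, the hosts and the build numbers are constructed, and the assumption is that the product name starts with "WinZip" and the version field begins with a dotted number.

```python
import csv
import io
import re

FIXED = (29, 0)  # first fixed release named in the article: WinZip 29.0

# Constructed sample inventory export (hosts, names and build numbers are made up).
SAMPLE_INVENTORY = """host,display_name,display_version
ws-001,WinZip 28.0,28.0.15640
ws-002,WinZip 29.0,29.0.16250
ws-003,WinZip 27.0,27.0 (15240)
ws-004,7-Zip 24.08,24.08
ws-005,WinZip,
"""

def parse_version(text):
    """Return the leading dotted number as a tuple of ints, or None if absent."""
    m = re.match(r"\s*(\d+(?:\.\d+)*)", text or "")
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def classify(display_name, display_version):
    """Return 'vulnerable', 'patched', 'unknown', or None for non-WinZip rows."""
    # Assumption: the archiver's product name starts with "WinZip".
    if not re.match(r"(?i)\s*winzip\b", display_name or ""):
        return None
    version = parse_version(display_version)
    if version is None:
        # Fall back to a version embedded in the product name.
        m = re.search(r"\d+(?:\.\d+)+", display_name)
        version = parse_version(m.group(0)) if m else None
    if version is None:
        return "unknown"  # needs manual review; never assume it is safe
    # Pad so that "29" compares equal to "29.0".
    padded = version + (0,) * (len(FIXED) - len(version))
    return "patched" if padded >= FIXED else "vulnerable"

def audit(inventory_csv):
    """Map host -> status for every WinZip row in a CSV inventory export."""
    results = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        status = classify(row["display_name"], row["display_version"])
        if status is not None:
            results[row["host"]] = status
    return results

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Rows reported as "unknown" should be checked by hand, and other WinZip-branded products in the inventory need to be excluded before acting on the result.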

The discovery of the flaw has been credited to an anonymous researcher.

The incident highlights the persistent need to ensure software security, particularly for widely used utilities like WinZip.

As cyber threats evolve, users must remain vigilant and proactive in applying security patches.


Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.
