CVE-2025-0411

Warnung

EPSS 32.14%
Veröffentlicht 25.01.2025 05:15:09
Zuletzt bearbeitet 12.02.2025 18:14:13
Quelle zdi-disclosures@trendmicro.com
Teams Watchlist Login
Unerledigt Login

7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the handling of archived files. When extracting files from a crafted archive that bears the Mark-of-the-Web, 7-Zip does not propagate the Mark-of-the-Web to the extracted files. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current user. Was ZDI-CAN-25456.

Betroffene Produkte Warnungen 1 Metriken 3 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

7-zip ≫ 7-zip Version < 24.09

06.02.2025: CISA Known Exploited Vulnerabilities (KEV) Catalog

7-Zip Mark of the Web Bypass Vulnerability

Schwachstelle

7-Zip contains a protection mechanism failure vulnerability that allows remote attackers to bypass the Mark-of-the-Web security feature to execute arbitrary code in the context of the current user.

Beschreibung

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Erforderliche Maßnahmen

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	32.14%	0.967

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7	1	5.9	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
zdi-disclosures@trendmicro.com	7	1	5.9	CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-693 Protection Mechanism Failure

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

https://www.zerodayinitiative.com/advisories/ZDI-25-045/

Third Party Advisory

VDB Entry

http://www.openwall.com/lists/oss-security/2025/01/24/6

Mailing List

https://security.netapp.com/advisory/ntap-20250207-0005/

Third Party Advisory

https://www.vicarius.io/vsociety/posts/cve-2025-0411-7-zip-mitigation-vulnerability

Mitigation

https://www.vicarius.io/vsociety/posts/cve-2025-0411-detection-7-zip-vulnerability

Mitigation

https://nvd.nist.gov/vuln/detail/CVE-2025-0411

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-0411

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-0411

EUVD