WinZip Vulnerability Let Remote Attackers Execute Arbitrary Code

A newly disclosed high-severity vulnerability in WinZip, tracked as CVE-2025-1240, enables remote attackers to execute arbitrary code on affected systems by exploiting malformed 7Z archive files. Security firm Zero Day Initiative (ZDI) detailed the flaw as ZDI-CAN-24986, noting its potential for widespread abuse given WinZip’s global user base. The flaw, rated 7.8 on the CVSS scale, impacts WinZip 28.0 (Build 16022) and earlier versions, requiring users to update to WinZip 29.0 to mitigate risks.

The vulnerability arises from inadequate validation of 7Z file data during parsing, permitting attackers to create malicious archives that cause an out-of-bounds write in memory. This corruption can be leveraged to execute code within the context of the WinZip process, potentially enabling full system compromise if paired with additional exploits. While the attack requires user interaction, the prevalence of 7Z files in software distribution and data sharing increases the likelihood of successful phishing campaigns.

WinZip Computing addressed the flaw in version 29.0 (Build 16250), released in December 2024. Security analysts urge organizations to prioritize updating affected software and educate users on recognizing suspicious file attachments.

This vulnerability follows a surge in file-parsing exploits, including a recent Windows OLE zero-click flaw (CVE-2025-21298) that allowed RCE via malicious emails. Such incidents underscore the importance of proactive patch management, particularly for widely used utilities like WinZip, which handles over 1 billion compressed files annually.

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security.

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 14 Feb 2025 03:20:18 +0000

