WinRAR Vulnerability Enables Arbitrary Code Execution via Malicious Archives
A high-severity security vulnerability has been successfully addressed in WinRAR, the widely used file archiver utility for Windows, which could potentially execute commands on a computer simply by opening a manipulated archive. Tracked as CVE-2023-40477, the flaw posed the risk of arbitrary code execution on the targeted system when a specially crafted RAR file was accessed.
The discovery of the vulnerability is credited to a researcher known as “goodbyeselene” from the Zero Day Initiative. The researcher reported the flaw to the software vendor, RARLAB, on June 8th, 2023.
The security advisory posted on Zero Day Initiative’s site explains the issue, stating that the vulnerability resides in the processing of recovery volumes. The problem stems from inadequate validation of user-provided data, leading to memory access beyond the boundaries of an allocated buffer.
See Also: So you want to be a hacker?
Offensive Security, Bug Bounty Courses
While the severity rating of the vulnerability is assessed at 7.8 according to the Common Vulnerability Scoring System (CVSS), it’s important to note that the target needs to deceive a user into opening a manipulated archive. However, considering the vast user base of WinRAR, this task isn’t necessarily a substantial obstacle for attackers, increasing the potential for successful exploitation.
To mitigate this risk, RARLAB released WinRAR version 6.23 on August 2nd, 2023, effectively resolving CVE-2023-40477. It is strongly recommended that WinRAR users promptly apply this security update.
In addition to fixing the RAR4 recovery volumes processing code flaw, version 6.23 also addresses another issue related to specially crafted archives causing incorrect file initiation. This too is classified as a high-severity concern.
Trending: Recon Tool: RecoX
It’s worth noting that Microsoft is currently testing native support for RAR, 7-Zip, and GZ files in Windows 11, potentially obviating the need for third-party software like WinRAR, unless specific advanced features are required.
For those continuing to use WinRAR, maintaining up-to-date software is crucial, as historical instances have shown that hackers can exploit similar vulnerabilities to deliver malware. Additionally, exercising caution when opening RAR files and employing an antivirus tool capable of scanning archives would enhance security measures.
Are u a security researcher? Or a company that writes articles or write ups about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing?
If you want to express your idea in an article contact us here for a quote: [email protected]
Source: bleepingcomputer.com