Summary: A serious vulnerability identified as CVE-2025-1240 has been found in WinZip, which could enable remote attackers to execute arbitrary code through malicious 7Z files. Although the CVSS score is 7.8, exploitation requires user interaction: a victim must unknowingly open a harmful file or visit a compromised webpage. Users are urged to upgrade to WinZip version 29.0 as soon as possible to mitigate this risk.
Affected: WinZip
Keypoints:
- Vulnerability CVE-2025-1240 allows remote code execution through insecure 7Z file parsing.
- Exploitation requires user interaction, such as opening a malicious file or visiting a harmful website.
- WinZip version 29.0 addresses this vulnerability, making an upgrade essential for affected users.
Source: https://securityonline.info/cve-2025-1240-winzip-vulnerability-opens-door-to-remote-code-execution/