WinRAR has released version 7.13 to patch a critical path traversal zero-day vulnerability (CVE-2025-8088) that could enable remote code execution. Threat actors, including Paper Werewolf, are suspected of weaponizing this flaw in targeted attacks on Russian organizations. #WinRAR #CVE20258088
Keypoints
- The vulnerability CVE-2025-8088 affects WinRAR versions up to 7.12 and allows path traversal during archive extraction.
- Security researchers credited with discovering the flaw include Anton Cherepanov, Peter Kosinar, and Peter Strycek from ESET.
- Attacks have targeted Russian organizations via phishing emails with malicious archives, possibly linked to threat actors Paper Werewolf and zeroplayer.
- Exploitation requires user interaction, such as opening a malicious archive, to write files outside the intended directories.
- The vulnerability was addressed in WinRAR version 7.13; earlier versions remain vulnerable to similar exploits.
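The key points describe extraction that writes files outside the intended directory. The following is an added example, not code from the original article or from WinRAR: a generic containment check a defender can run over an archive's entry names before extraction, using Windows path rules. The function names, the destination folder and the sample entries are assumptions constructed for illustration, and the check does not reproduce the specific WinRAR flaw.

```python
import ntpath  # Windows path rules, importable on any OS


def escapes_destination(dest_dir: str, entry_name: str) -> bool:
    """True if writing entry_name under dest_dir would land outside dest_dir."""
    # Archive entries may use either separator; normalise to backslashes.
    name = entry_name.replace("/", "\\")
    drive, _ = ntpath.splitdrive(name)
    if drive or name.startswith("\\"):
        # Drive letter, UNC share or rooted path: not relative to dest_dir.
        return True
    dest = ntpath.normcase(ntpath.normpath(dest_dir))
    # normpath collapses "." and ".." so the comparison sees the real target.
    target = ntpath.normcase(ntpath.normpath(ntpath.join(dest, name)))
    # Trailing separator stops "invoice-old" from matching the "invoice" prefix.
    prefix = dest.rstrip("\\") + "\\"
    return not (target == dest or target.startswith(prefix))


def audit_listing(dest_dir: str, entry_names: list[str]) -> list[str]:
    """Return the entries that must not be extracted into dest_dir."""
    return [n for n in entry_names if escapes_destination(dest_dir, n)]


# Constructed sample listing (not taken from any real archive).
SAMPLE_DEST = r"C:\Users\analyst\Downloads\invoice"
SAMPLE_ENTRIES = [
    r"invoice\summary.pdf",
    r"invoice\a\..\notes.txt",
    r"..\..\outside.txt",
    "docs/../../sibling.txt",
    r"..\invoice-old\file.txt",
    r"D:\absolute.txt",
    r"\\fileserver\share\remote.txt",
]

if __name__ == "__main__":
    for name in audit_listing(SAMPLE_DEST, SAMPLE_ENTRIES):
        print("blocked:", name)
```

Comparing the normalised target against the destination plus a trailing separator is what catches the sibling-folder case, which a plain prefix match would let through.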
Read More: https://thehackernews.com/2025/08/winrar-zero-day-under-active.html