Vulnerability detail
Enriched intelligence for a single CVE
High
CVE-2025-0411
PUBLISHED7-Zip Mark-of-the-Web Bypass Vulnerability
- Vendor
- 7-Zip
- Product
- 7-Zip
- Published
- Jan 25, 2025
- EPSS
- —
Description
7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of archived files. When extracting files from a crafted archive that bears the Mark-of-the-Web, 7-Zip does not propagate the Mark-of-the-Web to the extracted files. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current user. Was ZDI-CAN-25456.
CVSS scores
CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
SSVC decision points
- Exploitation
- active
- Automatable
- No
- Technical impact
- total
Known exploited vulnerability sources
Catalogues that list this CVE as a known exploited vulnerability.
| Source | Added |
|---|---|
| CISA | Feb 06, 2025 |
Scanner integrations
| Scanner | Reference | Detected |
|---|---|---|
| Nessus | https://www.tenable.com/plugins/nessus/214542 | Jun 02, 2025 |
Potential proof of concepts
These PoCs are unverified and could contain malware. Use at your own risk.
github · Created 2025-03-13 19:53:22 UTC · 1 stars
This repository contains POC scenarios as part of CVE-2025-0411 MotW bypass.
github · Created 2025-02-23 02:55:44 UTC · 1 stars
github · Created 2025-02-19 04:47:59 UTC · 0 stars
github · Created 2025-01-27 07:32:09 UTC · 1 stars
7-Zip Mark-of-the-Web绕过漏洞PoC(CVE-2025-0411)
github · Created 2025-01-22 14:40:34 UTC · 129 stars
This repository contains POC scenarios as part of CVE-2025-0411 MotW bypass.
Timeline
-
CVE ID Reserved
-
CVE Published to Public
-
Added to KEVIntel
-
Proof of Concept Exploit Available
-
Detected by Nessus