Back to KEVs

CVE-2025-11001

7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability

Basic Information

CVE State
PUBLISHED
Reserved Date
September 25, 2025
Published Date
November 19, 2025
Last Updated
February 26, 2026
Vendor
7-Zip
Product
7-Zip
Description
7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this product is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the handling of symbolic links in ZIP files. Crafted data in a ZIP file can cause the process to traverse to unintended directories. An attacker can leverage this vulnerability to execute code in the context of a service account. Was ZDI-CAN-26753.

CVSS Scores

CVSS v3.0

7.0 - HIGH

Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

SSVC Information

Exploitation
none
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (2025-11-21 13:46:16 UTC) Source

References

https://www.zerodayinitiative.com/advisories/ZDI-25-949/

Known Exploited Vulnerability Information

Source Added Date
The Shadowserver (via CIRCL) 2025-11-21 13:46:16 UTC

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel