Security News > 2022 > August > CISA Issues Warning on Active Exploitation of UnRAR Software for Linux Systems
The U.S. Cybersecurity and Infrastructure Security Agency on Tuesday added a recently disclosed security flaw in the UnRAR utility to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
Tracked as CVE-2022-30333, the issue concerns a path traversal vulnerability in the Unix versions of UnRAR that can be triggered upon extracting a maliciously crafted RAR archive.
The vulnerability was revealed by SonarSource researcher Simon Scannell in late June.
"RARLAB UnRAR on Linux and UNIX contains a directory traversal vulnerability, allowing an attacker to write to files during an extract operation," the agency said in an advisory.
On top of that, CISA has also added CVE-2022-34713 to the catalog after Microsoft, as part of its Patch Tuesday updates on August 9, revealed that it has seen indications that the vulnerability has been exploited in the wild.
Said to be a variant of the vulnerability publicly known as DogWalk, the shortcoming in the Microsoft Windows Support Diagnostic Tool component could be leveraged by a rogue actor to execute arbitrary code on susceptible systems by tricking a victim into opening a decoy file.
News URL
https://thehackernews.com/2022/08/cisa-issues-warning-on-active.html
Related news
- CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns (source)
- CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability (source)
- CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094) (source)
- CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability (source)
- CISA Alert: Active Exploitation of VMware vCenter and Kemp LoadMaster Flaws (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-09 | CVE-2022-34713 | Unspecified vulnerability in Microsoft products Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability | 7.8 |
| 2022-05-09 | CVE-2022-30333 | Path Traversal vulnerability in multiple products RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. | 7.5 |