Security News > 2023 > August > WinRAR vulnerable to remote code execution, patch now! (CVE-2023-40477)
A widely used Windows-only utility, WinRAR can create and extract file archives in various compression formats.
CVE-2023-40477 is a remote code execution vulnerability that could allow remote threat actors to execute arbitrary code on an affected WinRAR installation.
The vulnerability can be exploited remotely and may allow attackers to execute code in the context of the current process, but the flaw's CVSS score does not single it out as critical.
Easily exploitable WinRAR vulnerabilities do not surface often, but when they do, attackers take note.
Case in point: in 2019, a WinRAR vulnerability that allowed attackers to extract a malicious executable to one of the Windows Startup folder has been exploited by attackers to deliver persistent malware.
RARLAB has released a security update to address CVE-2023-40477 and WinRAR users should manually update to version 6.23 as soon as possible, since the software does not have the auto-update option.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-03 | CVE-2023-40477 | RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. | 0.0 |