Security News > 2023 > August > WinRAR vulnerable to remote code execution, patch now! (CVE-2023-40477)
A widely used Windows-only utility, WinRAR can create and extract file archives in various compression formats.
CVE-2023-40477 is a remote code execution vulnerability that could allow remote threat actors to execute arbitrary code on an affected WinRAR installation.
The vulnerability can be exploited remotely and may allow attackers to execute code in the context of the current process, but the flaw's CVSS score does not single it out as critical.
Easily exploitable WinRAR vulnerabilities do not surface often, but when they do, attackers take note.
Case in point: in 2019, a WinRAR vulnerability that allowed attackers to extract a malicious executable to one of the Windows Startup folder has been exploited by attackers to deliver persistent malware.
RARLAB has released a security update to address CVE-2023-40477 and WinRAR users should manually update to version 6.23 as soon as possible, since the software does not have the auto-update option.
News URL
https://www.helpnetsecurity.com/2023/08/21/cve-2023-40477/
Related news
- Rsync vulnerabilities allow remote code execution on servers, patch quickly! (source)
- Sophos Firewall vulnerable to critical remote code execution flaw (source)
- Sophos discloses critical Firewall remote code execution flaw (source)
- Apache fixes remote code execution bypass in Tomcat web server (source)
- Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection (source)
- Meta's Llama Framework Flaw Exposes AI Systems to Remote Code Execution Risks (source)
- Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-03 | CVE-2023-40477 | RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. | 0.0 |