PT-2023-4552 · Winrar · Winrar
Andrey Polovinkin · Published 2023-08-15 · Updated 2025-08-30 · CVE-2023-38831
10 · High
Base vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions:
WinRAR versions prior to 6.23
Description:
The vulnerability in WinRAR allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. This occurs because a ZIP archive may include a benign file and a folder with the same name, and the contents of the folder are processed during an attempt to access the benign file. The issue has been exploited in the wild since at least April 2023. Multiple APT groups have exploited this flaw, and it has been used to target various industries, including cryptocurrency and government entities. The vulnerability is estimated to have been used in attacks against traders and has been linked to state-backed threat actors from Russia and China.
Recommendations:
To resolve the issue, update WinRAR to version 6.23 or later. As a temporary workaround until the update can be applied, consider disabling the use of ZIP archives or restricting access to the vulnerable module. Additionally, be cautious when opening files from unknown sources, and ensure that all software is up to date with the latest security patches.
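A defensive check for the archive layout given in the description, as an added example that is not part of the original advisory or of any vendor tooling: it reports every name that a ZIP archive uses both as a file and as a folder, so such archives can be quarantined before a user opens them. The function names, the Windows-style name normalisation and the sample archives are assumptions of this example.

```python
import io
import zipfile


def norm(part):
    # Assumption of this example: compare names the way Windows does,
    # case-insensitively and ignoring trailing spaces and dots.
    return part.rstrip(" .").casefold()


def colliding_names(names):
    """Return sorted normalised paths used both as a file and as a folder."""
    files, folders = set(), set()
    for raw in names:
        pieces = raw.replace("\\", "/").split("/")
        parts = [n for n in map(norm, pieces) if n]
        if not parts:
            continue
        # Every proper prefix of an entry path is an (implied) folder.
        for i in range(1, len(parts)):
            folders.add("/".join(parts[:i]))
        full = "/".join(parts)
        is_dir = raw.endswith(("/", "\\"))
        (folders if is_dir else files).add(full)
    return sorted(files & folders)


def scan_zip(source):
    """source is a path or a binary file object; returns colliding names."""
    with zipfile.ZipFile(source) as zf:
        return colliding_names(zf.namelist())


def sample_zip(names):
    # Constructed sample archive holding harmless text entries only.
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in names:
            zf.writestr(name, b"" if name.endswith("/") else b"sample text")
    buf.seek(0)
    return buf


if __name__ == "__main__":
    clean = sample_zip(["docs/", "docs/readme.txt", "notes.txt"])
    odd = sample_zip(["report.pdf", "report.pdf/", "report.pdf/notes.txt"])
    print("clean archive:", scan_zip(clean))
    print("file/folder collision:", scan_zip(odd))
```

A non-empty result is a reason to hold the archive for analysis on any host that still runs a WinRAR version prior to 6.23.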
Exploit · Fix · RCE · Insufficient Verification of Data Authenticity