CVE-2025-11001

CVSS v3.1

7.8

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions 7-Zip versions prior to 25.00 7-Zip versions 21.02 through 25.00

Description 7-Zip is affected by a flaw in how it handles symbolic links within ZIP files. This issue can lead to remote code execution if a user opens a specially crafted ZIP archive. The vulnerability allows attackers to execute code in the context of a service account by causing the process to traverse to unintended directories. This flaw is actively being exploited in the wild, with reports of attacks utilizing phishing campaigns. The vulnerability is triggered when processing symbolic links during file extraction. The specific flaw exists within the handling of symbolic links in ZIP files. Crafted data in a ZIP file can cause the process to traverse to unintended directories.

Recommendations Update to 7-Zip version 25.00 or later. Update to 7-Zip version 25.01 or later.

Exploit

Fix

RCE

Link Following

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-59CWE-22

Related Identifiers

BDU:2025-12910

BDU:2025-12912

CVE-2025-11001

ZDI-25-949

Affected Products

7-Zip

Debian

Red Os

CVE-2025-11001

Weakness Enumeration

Related Identifiers

Affected Products

References · 166