PT-2025-41203 · Igor Pavlov +2 · 7-Zip +2

Published 2025-01-01 · Updated 2026-01-13 · CVE-2025-11001

CVSS v3.1: 7.8
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
7-Zip versions prior to 25.01
7-Zip versions 21.02 through 24.99

Description: 7-Zip is affected by a remote code execution vulnerability due to improper handling of symbolic links within ZIP files. A crafted ZIP file can cause the process to traverse to unintended directories, potentially allowing an attacker to execute code in the context of a service account. This vulnerability is actively being exploited in the wild, with reports of attacks targeting Windows systems. The NHS in England has issued a cyber alert regarding this issue. The vulnerability allows attackers to write files outside the intended extraction folder, potentially delivering malware or achieving full code execution. The vulnerability is triggered simply by opening a malicious ZIP file.
API Endpoints: None mentioned.
Vulnerable Parameters or Variables: None mentioned.
Function Names: None mentioned.
Recommendations: Update to 7-Zip version 25.00 or later. Update to 7-Zip version 25.01.

Exploit

Fix

RCE

Link Following

Path traversal

Weakness Enumeration

Related Identifiers

BDU:2025-12910
BDU:2025-12912
CVE-2025-11001
ZDI-25-949

Affected Products

7-Zip
Debian
Red Os