PT-2025-16366 · Bandizip · Bandizip
Enis Aksu · Published 2025-04-15 · Updated 2025-10-24 · CVE-2025-33027
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Bandizip versions 7.37 and earlier
Description
A Mark-of-the-Web Bypass Vulnerability exists in Bandizip, allowing attackers to bypass the Mark-of-the-Web protection mechanism on affected installations. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of archived files, where Bandizip does not propagate the Mark-of-the-Web to the extracted files when extracting from a crafted archive. This enables an attacker to execute arbitrary code in the context of the current user.
Recommendations
For Bandizip versions 7.37 and earlier, update to a version that includes a fix for this vulnerability.
As a temporary workaround, avoid using Bandizip to extract archives that bear the Mark-of-the-Web (that is, archives downloaded from the Internet) until a patched version is installed.
Restrict access to potentially malicious files and websites to minimize the risk of exploitation.
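The flaw described above is a propagation failure: the archive carries the Mark-of-the-Web (on NTFS, a `Zone.Identifier` alternate data stream), but the files Bandizip extracts from it do not, so SmartScreen and Office Protected View never see them as Internet-origin content. The following PowerShell script is an added example, not code from the advisory or from Bandizip; it audits an extraction folder for files that lost the mark and optionally re-applies the archive's zone to them. The script name, both paths and the assumption that the volume is NTFS are mine.

```powershell
# Check-MotwPropagation.ps1 (hypothetical name, added example; not part of the advisory)
# Audits whether files extracted from an Internet-tagged archive still carry the
# Mark-of-the-Web, and re-tags any that do not when -Repair is given.
# Assumes an NTFS volume, since Zone.Identifier is an alternate data stream.
param(
    [Parameter(Mandatory)] [string] $Archive,       # assumed path, e.g. C:\Users\me\Downloads\sample.zip
    [Parameter(Mandatory)] [string] $ExtractedDir,  # assumed path of the folder Bandizip extracted into
    [switch] $Repair                                # re-apply the mark instead of only reporting
)

# Read the archive's own Zone.Identifier stream. No stream means no mark to propagate.
$archiveZone = Get-Content -LiteralPath $Archive -Stream Zone.Identifier -ErrorAction SilentlyContinue
if (-not $archiveZone) {
    Write-Output "Archive carries no Mark-of-the-Web; nothing to propagate."
    return
}

# ZoneId=3 is the Internet zone, the value that triggers SmartScreen and Protected View.
# Default to 3 if the stream is present but has no ZoneId line.
$zoneId = '3'
foreach ($line in $archiveZone) {
    if ($line -match '^ZoneId=(\d+)') { $zoneId = $Matches[1]; break }
}
Write-Output "Archive ZoneId: $zoneId"

$total = 0
$untagged = @()
Get-ChildItem -LiteralPath $ExtractedDir -Recurse -File | ForEach-Object {
    $total++
    $stream = Get-Content -LiteralPath $_.FullName -Stream Zone.Identifier -ErrorAction SilentlyContinue
    if (-not $stream) {
        $untagged += $_.FullName
        if ($Repair) {
            # Minimal valid Zone.Identifier content; ReferrerUrl/HostUrl lines are optional.
            Set-Content -LiteralPath $_.FullName -Stream Zone.Identifier -Value "[ZoneTransfer]`r`nZoneId=$zoneId"
        }
    }
}

Write-Output "Extracted files checked: $total"
Write-Output "Files missing Mark-of-the-Web: $($untagged.Count)"
$untagged | ForEach-Object { Write-Output "  $_" }
if ($Repair -and $untagged.Count -gt 0) {
    Write-Output "Re-applied ZoneId=$zoneId to $($untagged.Count) file(s)."
}
```

Run it as `.\Check-MotwPropagation.ps1 -Archive C:\Users\me\Downloads\sample.zip -ExtractedDir C:\Users\me\Downloads\sample` after extracting with a vulnerable Bandizip build: a patched extractor should report zero untagged files, while an affected one reports every extracted file. Adding `-Repair` restores the mark, which is the inverse of what `Unblock-File` does, so the re-tagged files go back to being screened like any other download.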
Affected Products
Bandizip