**Name of the Vulnerable Software and Affected Versions:**

WinRAR versions prior to 7.13

**Description:**

WinRAR contains a path traversal vulnerability that allows attackers to execute arbitrary code by crafting malicious archive files. This vulnerability has been actively exploited in the wild by multiple threat actors, including the Russia-linked RomCom group and Paper Werewolf. Exploitation involves embedding malicious payloads within RAR archives that, when extracted, place files in unauthorized locations, such as the Windows Startup folder, leading to automatic execution of malicious code. The vulnerability affects Windows versions of WinRAR and applications using the UnRAR library.

**Recommendations:**

Update WinRAR to version 7.13 or later to address this vulnerability.