**Name of the Vulnerable Software and Affected Versions:**

WinRAR versions prior to 7.13

**Description:**

A path traversal vulnerability exists in WinRAR, allowing attackers to execute arbitrary code by crafting malicious archive files. This vulnerability has been actively exploited in the wild by multiple threat actors, including the Russia-linked RomCom group and Paper Werewolf. Exploitation involves embedding malicious payloads within RAR archives that, when extracted, place files in unauthorized locations, such as the Windows Startup folder, leading to automatic malware execution upon system login. The vulnerability allows attackers to bypass security measures and gain unauthorized access to systems.

**Recommendations:**

Update WinRAR to version 7.13 or later immediately. As WinRAR does not feature automatic updates, manual intervention is required to apply the fix.