PT-2025-41203 · Igor Pavlov · 7-Zip

Published: 2025-01-01 · Updated: 2026-05-12 · CVE-2025-11001

CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: 7-Zip versions prior to 25.00

Description: A flaw exists in the ZIP file parsing logic regarding the handling of symbolic links. An attacker can craft a malicious ZIP file containing symbolic links that cause the application to traverse to unintended directories during extraction. This directory traversal allows files to be written to arbitrary system locations, which can be leveraged to execute arbitrary code in the context of the service account running 7-Zip. Exploitation requires user interaction, specifically the opening of a specially crafted archive. This issue has been reported as being used in phishing campaigns.

Recommendations: Update to version 25.00 or newer. Enforce sandboxing where possible. Run 7-Zip under reduced privileges.
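As an added illustration of the traversal pattern described above (not part of this advisory and not 7-Zip code), the following Python audit inspects a ZIP archive's central directory and flags entries that would land outside the extraction root, either directly or by being written through an earlier symlink entry. The helper names audit_zip and build_sample_archive are hypothetical, and the archive is constructed inline.

```python
import io
import posixpath
import stat
import zipfile

def _escapes(path: str) -> bool:
    """True if a root-relative POSIX path climbs out of the extraction root."""
    norm = posixpath.normpath(path)
    return norm.startswith("/") or norm == ".." or norm.startswith("../")

def audit_zip(data: bytes):
    """Return (entry_name, reason) findings for entries that would land outside
    the extraction root, directly or by passing through an earlier symlink entry."""
    findings = []
    symlinks = []  # normalized archive paths of symlink entries seen so far
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            name = info.filename
            if _escapes(name):
                findings.append((name, "absolute path or '..' component"))
                continue
            mode = info.external_attr >> 16  # Unix mode is in the high 16 bits
            if stat.S_ISLNK(mode):
                target = zf.read(info).decode("utf-8", "replace")
                resolved = posixpath.join(posixpath.dirname(name), target)
                if _escapes(resolved):
                    findings.append((name, f"symlink target '{target}' leaves root"))
                symlinks.append(posixpath.normpath(name))
                continue
            parts = posixpath.normpath(name).split("/")
            for i in range(1, len(parts)):
                prefix = "/".join(parts[:i])
                if prefix in symlinks:  # link following: written through a symlink
                    findings.append((name, f"path passes through symlink '{prefix}'"))
                    break
    return findings

def build_sample_archive() -> bytes:
    """Constructed sample: a symlink entry pointing above the root, then a
    regular file whose path goes through that symlink, then a benign file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        link = zipfile.ZipInfo("out")
        link.external_attr = (stat.S_IFLNK | 0o777) << 16
        zf.writestr(link, "../../")
        zf.writestr("out/payload.txt", "constructed sample content")
        zf.writestr("docs/readme.txt", "benign")
    return buf.getvalue()
```

The audit reads archive metadata only and does not follow chains of in-root symlinks; it is a pre-extraction screen, not a substitute for the version update the recommendations call for.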

Tags: Exploit · Fix · DoS · RCE · Path traversal · Link Following

Weakness Enumeration

Related Identifiers

BDU:2025-12910
BDU:2025-12912
CVE-2025-11001
ZDI-25-949

Affected Products

7-Zip
Debian
Red Os