7-Zip zero-working day vulnerability grants privilege escalation

PSA: A protection researcher lately found out a vulnerability in the file archiver 7-Zip that could grant attackers substantial privileges and allow them execute code. Builders have not released a patch nonetheless, but end users can promptly nullify this security gap in the meantime.

Very last 7 days, researcher Kağan Çapar located and printed a zero-day vulnerability in 7-Zip that can grant privilege escalation and command execution. Selected CVE-2022-29072, it impacts Home windows buyers operating edition 21.07 — the latest variation as of now.

As the movie underneath shows, an attacker with limited obtain to a technique can activate the vulnerability by opening the “Assistance” window in 7-Zip beneath Assist->Contents and dragging a file with the .7z extension into that window. Any file with that extension will function. It will not have to be a real 7z archive.

By jogging a little one approach below the 7zFM.exe system, the vulnerability can elevate the attacker’s privileges and enable them operate instructions on the concentrate on technique. Çapar blames this on a misconfiguration in the file 7z.dll and heap overflow.

The Home windows HTML helper file may perhaps also share some blame, as other programs can allow for command execution through it. Çapar mentions a very similar vulnerability that will work by means of the Home windows HTML helper file and WinRAR.

Deleting the file “7-zip.chm” in the 7-Zip root folder can mitigate the concern until finally devs patch it. It is unclear when that will be.

Related Articles

Back to top button