Veritas Quick Assist update for 7-Zip vulnerability
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2025-0411 |
| CWE-ID | CWE-254 |
| Exploitation vector | Network |
| Public exploit | This vulnerability is being exploited in the wild. |
| Vulnerable software |
Quick Assist for Windows Client/Desktop applications / Software for system administration |
| Vendor | Veritas Technologies |
Security Bulletin
This security bulletin contains one high risk vulnerability.
1) Security features bypass
EUVDB-ID: #VU102998
Risk: High
CVSSv4.0: 7 [CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:A/U:Amber]
CVE-ID: CVE-2025-0411
CWE-ID:
CWE-254 - Security Features
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to application ignores the Mark-of-the-Web identifier when extracting files from an archive. A remote attacker can trick the victim into executing files extracted by the application as no additional security warning occurs.
Note, the vulnerability is being actively exploited in the wild.
Install update from vendor's website.
Vulnerable software versionsQuick Assist for Windows: 2.4.173 - 3.2.0
CPE2.3- cpe:2.3:a:veritas_technologies:quick_assist_for_windows:2.4.173:*:*:*:*:*:*:*
- cpe:2.3:a:veritas_technologies:quick_assist_for_windows:2.4.174:*:*:*:*:*:*:*
- cpe:2.3:a:veritas_technologies:quick_assist_for_windows:2.4.175:*:*:*:*:*:*:*
http://www.veritas.com/support/en_US/security/ARC25-003
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
