#VU102998 Security features bypass in 7-Zip - CVE-2025-0411
Published: January 20, 2025 / Updated: March 2, 2026
Vulnerability identifier: #VU102998
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:A/U:Amber
CVE-ID: CVE-2025-0411
CWE-ID: CWE-254
Exploitation vector: Remote access
Exploit availability:
The vulnerability is being exploited in the wild
Vulnerable software:
7-Zip
7-Zip
Software vendor:
7-zip.org
7-zip.org
Description
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to application ignores the Mark-of-the-Web identifier when extracting files from an archive. A remote attacker can trick the victim into executing files extracted by the application as no additional security warning occurs.
Note, the vulnerability is being actively exploited in the wild.
Remediation
Install updates from vendor's website.