Security features bypass in 7-Zip - CVE-2025-0411
Published: January 20, 2025 / Updated: March 2, 2026
Vulnerability identifier: #VU102998
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:A/U:Amber
CVE-ID: CVE-2025-0411
CWE-ID: CWE-254
Exploitation vector: Remote access
Exploit availability:
The vulnerability is being exploited in the wild
Vendor: 7-zip.org
Affected software:
7-Zip
7-Zip
Detailed vulnerability description
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to application ignores the Mark-of-the-Web identifier when extracting files from an archive. A remote attacker can trick the victim into executing files extracted by the application as no additional security warning occurs.
Note, the vulnerability is being actively exploited in the wild.
How to mitigate CVE-2025-0411
Install updates from vendor's website.