Main Vulnerability Database Vulnerabilities #VU79925

Input validation error in WinRAR - CVE-2023-38831

Published: August 23, 2023 / Updated: October 25, 2024

Vulnerability identifier: #VU79925

CSH Severity: Critical

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red

CVE-ID: CVE-2023-38831

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: The vulnerability is being exploited in the wild

Vendor: RARLAB

Affected software:
WinRAR

Detailed vulnerability description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of file names inside .zip archives. A remote attacker can create a specially crafted archive that contains executable malicious files and spoof their file extension to look like .jpeg or .txt.

Note, the vulnerability is being actively exploited in the wild as of April 2023.

How to mitigate CVE-2023-38831

Install updates from vendor's website.

Sources

https://www.group-ib.com/blog/cve-2023-38831-winrar-zero-day/

Input validation error in WinRAR - CVE-2023-38831

Detailed vulnerability description

How to mitigate CVE-2023-38831

Sources

Please verify you're human