CVE-2025-0411

HIGH CISA KEV EPSS 99.2%
Published Jan 25, 2025 (1y ago) · Modified Jun 17, 2026 (1w ago)
7.0 CVSS 3.1
High
KEV Listed Feb 6, 2025 1y ago
KEV Due Feb 27, 2025 488d overdue

Description

7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of archived files. When extracting files from a crafted archive that bears the Mark-of-the-Web, 7-Zip does not propagate the Mark-of-the-Web to the extracted files. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current user. Was ZDI-CAN-25456.

CVSS Details

Base Score: 7.0
Exploitability: 1.0
Impact: 5.9
Vector string: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector: Local
Attack Complexity: High
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Threat Intelligence

CISA Known Exploited Overdue 488d
Added: Feb 6, 2025
Due: Feb 27, 2025

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

EPSS Exploit Probability: 99.2% percentile
Exploit & Patch Status: Actively Exploited (KEV); No Patch Available

Weaknesses 1

CWE-693

Affected Products 2

Vendor    Product                      Version    Range
netapp    active_iq_unified_manager    *          any
7-zip     7-zip                        *          <24.09

References 6

  • openwall.com http://www.openwall.com/lists/oss-security/2025/01/24/6
    Mailing List
  • security.netapp.com https://security.netapp.com/advisory/ntap-20250207-0005/
    Third Party Advisory
  • cisa.gov https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-0411
    US Government Resource
  • vicarius.io https://www.vicarius.io/vsociety/posts/cve-2025-0411-7-zip-mitigation-vulnerability
    Mitigation
  • vicarius.io https://www.vicarius.io/vsociety/posts/cve-2025-0411-detection-7-zip-vulnerability
    Mitigation
  • zerodayinitiative.com https://www.zerodayinitiative.com/advisories/ZDI-25-045/
    Third Party Advisory, VDB Entry

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.