7-Zip Vulnerability Lets Malicious RAR5 Files Crash Systems

Activity Timeline

  • Jul 21, 03:31, Cybersecurity News: "New 7-Zip Vulnerability Enables Malicious RAR5 Fil..."
  • Jul 21, 06:59, GB Hackers (primary article): "7-Zip Vulnerability Lets Malicious RAR5 Files Cras..."

  • A critical denial-of-service vulnerability in 7-Zip, tracked as CVE-2025-53816 (GHSL-2025-058), allows attackers to crash systems using malicious RAR5 files.
  • The vulnerability affects all versions of 7-Zip prior to version 25.00, so it applies broadly across the installed base.
  • Exploitation involves a heap buffer overflow in the RAR5 decoder, leading to memory corruption and system instability when processing crafted archives.
  • Immediate action required: users must upgrade to 7-Zip version 25.00 or later to mitigate this risk.

A critical vulnerability in 7-Zip (CVE-2025-53816) has been identified, allowing attackers to trigger denial-of-service conditions by exploiting a heap buffer overflow in the RAR5 decoder. This flaw affects all versions prior to 25.00, potentially impacting a vast number of users. Organizations must upgrade to 7-Zip version 25.00 or later immediately to prevent system crashes caused by malicious RAR5 files. Additionally, users should review their systems for any signs of exploitation and consider implementing monitoring for unusual file activity as a precaution.
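
To act on the upgrade guidance above, the following added example (not code from the cited articles or from the 7-Zip project) classifies hosts by the version in the 7-Zip banner line and recognises RAR5 content by its file signature rather than its extension. The host names and banner lines are constructed samples; collecting banners from real hosts is assumed to happen elsewhere.

```python
import re

FIXED = (25, 0)                       # first fixed release named above
RAR5_MAGIC = b"Rar!\x1a\x07\x01\x00"  # RAR 5.0 signature (RAR 4.x ends in \x07\x00)

# Some builds print markers such as "(a)" or "[64]" between the name and the version.
BANNER_RE = re.compile(r"7-Zip(?:\s+(?:\([a-z]+\)|\[\d+\]))*\s+(\d+)\.(\d+)")

# Constructed inventory: hypothetical host names mapped to constructed banner lines.
SAMPLE_BANNERS = {
    "ws-01": "7-Zip 24.09 (x64) : Copyright (c) 1999-2024 Igor Pavlov : 2024-11-29",
    "ws-02": "7-Zip 25.00 (x64) : Copyright (c) 1999-2025 Igor Pavlov",
    "srv-01": "7-Zip [64] 16.02 : Copyright (c) 1999-2016 Igor Pavlov : 2016-05-21",
    "srv-02": "7-Zip (a) 9.20  Copyright (c) 1999-2010 Igor Pavlov",
    "srv-03": "sh: 7z: command not found",
}

def parse_version(banner):
    """Return (major, minor) as integers, or None if no 7-Zip banner is present."""
    m = BANNER_RE.search(banner)
    return (int(m.group(1)), int(m.group(2))) if m else None

def status(banner):
    """Compare numerically: as strings, "9.20" would sort after "25.00"."""
    version = parse_version(banner)
    if version is None:
        return "unknown"
    return "vulnerable" if version < FIXED else "fixed"

def audit(banners):
    """Map each host to vulnerable / fixed / unknown."""
    return {host: status(line) for host, line in sorted(banners.items())}

def is_rar5(head):
    """True if the file starts with the RAR5 signature, whatever its extension.
    Self-extracting archives carry the signature further in and are not covered."""
    return head.startswith(RAR5_MAGIC)

if __name__ == "__main__":
    for host, state in audit(SAMPLE_BANNERS).items():
        print(f"{host}: {state}")
```

Hosts reported as unknown need a manual check, since a missing banner does not show that 7-Zip is absent.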
