Aller au contenu
appaloosa scout logo main rounded
HIGH 8.8 KEV

CVE-2025-8088

EN A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček
from ESET.

CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA Known Exploited Vulnerability

Ajouté au KEV
2025-08-12
Deadline remédiation
2025-09-02
Action requise
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Ransomware
Non

Apps suivies affectées

Winrar
winget:RARLab.WinRAR
1 ouverte 1 exploitée

Configurations CPE vulnérables

Vendor Produit Plateforme Versions CPE 2.3 URI
rarlab winrar Windows <7.13 cpe:2.3:a:rarlab:winrar:*:*:*:*:*:*:*:*
Voir sur NVD ↗ Catalogue CISA KEV ↗