A security researcher at Zero Day Initiative (ZDI) discovered a high-severity vulnerability in the WinRAR software that allows remote attackers to execute arbitrary code on the target system after opening a specially crafted RAR archive.
For those unaware, WinRAR is a popular file compression and archiver utility for Windows, which can create and view archives in RAR or ZIP file formats and unpack numerous archive file formats.
The security researcher, “goodbyeselene” reported the flaw to the vendor, RARLAB, on June 8th, 2023. The high-severity vulnerability, which was tracked as CVE-2023-40477 (CVSS score 7.8), has now been fixed.
The vulnerability can be exploited by hackers to create a RAR file. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute code in the context of the current process.
“The specific flaw exists within the processing of recovery volumes. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer,” reads the security advisory released on ZDI’s site.
Since the victim needs to be tricked into opening an archive, the severity of the vulnerability rating drops down to 7.8, as per the CVSS.
On August 2nd, 2023, RARLAB released WinRAR version 6.23 to correct the vulnerability. More details can be found here.
Meanwhile, all WinRAR users are strongly recommended to update to the aforementioned version as soon as possible.
