7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.192 Low
EPSS
Percentile
96.3%
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.
Recent assessments:
Assessed Attacker Value: 0
Assessed Attacker Value: 0Assessed Attacker Value: 0
packetstormsecurity.com/files/174573/WinRAR-Remote-Code-Execution.html
blog.google/threat-analysis-group/government-backed-actors-exploiting-winrar-vulnerability/
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38831
github.com/b1tg/CVE-2023-38831-winrar-exploit
github.com/knight0x07/WinRAR-Code-Execution-Vulnerability-CVE-2023-38831
github.com/Mich-ele/CVE-2023-38831-winrar
news.ycombinator.com/item?id=37236100
www.bleepingcomputer.com/news/security/winrar-zero-day-exploited-since-april-to-hack-trading-accounts/
www.group-ib.com/blog/cve-2023-38831-winrar-zero-day/
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.192 Low
EPSS
Percentile
96.3%