Search for vulnerabilities
Vulnerability ID | VCID-jeyu-c3rr-aaaq |
Aliases |
CVE-2023-38831
|
Summary | RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through August 2023. |
Status | Published |
Exploitability | 2.0 |
Weighted Severity | 7.0 |
Risk | 10.0 |
Affected and Fixed Packages | Package Details |
Data source | Metasploit |
---|---|
Description | This module exploits a vulnerability in WinRAR (CVE-2023-38831). When a user opens a crafted RAR file and its embedded document, the decoy document is executed, leading to code execution. |
Note | Stability: - crash-safe Reliability: - repeatable-session SideEffects: - ioc-in-logs - artifacts-on-disk |
Ransomware campaign use | Unknown |
Source publication date | Aug. 23, 2023 |
Platform | Windows |
Source URL | https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/windows/fileformat/winrar_cve_2023_38831.rb |
Data source | KEV |
---|---|
Date added | Aug. 24, 2023 |
Description | RARLAB WinRAR contains an unspecified vulnerability that allows an attacker to execute code when a user attempts to view a benign file within a ZIP archive. |
Required action | Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. |
Due date | Sept. 14, 2023 |
Note | http://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=232&cHash=c5bf79590657e32554c6683296a8e8aa; https://nvd.nist.gov/vuln/detail/CVE-2023-38831 |
Ransomware campaign use | Known |
Attack Vector (AV) | Attack Complexity (AC) | Privileges Required (PR) | User Interaction (UI) | Scope (S) | Confidentiality Impact (C) | Integrity Impact (I) | Availability Impact (A) |
---|---|---|---|---|---|---|---|
network adjacent_network local physical |
low high |
none low high |
none required |
unchanged changed |
high low none |
high low none |
high low none |
Attack Vector (AV) | Attack Complexity (AC) | Privileges Required (PR) | User Interaction (UI) | Scope (S) | Confidentiality Impact (C) | Integrity Impact (I) | Availability Impact (A) |
---|---|---|---|---|---|---|---|
network adjacent_network local physical |
low high |
none low high |
none required |
unchanged changed |
high low none |
high low none |
high low none |
Percentile | 0.97462 |
EPSS Score | 0.43876 |
Published At | Nov. 1, 2024, midnight |
Date | Actor | Action | Source | VulnerableCode Version |
---|---|---|---|---|
There are no relevant records. |