7-Zip Vulnerabilities: Directory Escape and Remote Execution

Two vulnerabilities, CVE-2025-11001 and CVE-2025-11002, rated 7.0 CVSS, expose 7-Zip to attacks via ZIP archives with malformed symbolic links.

When a victim opens the archive, the attacker can overwrite or replace system files, including DLLs used by privileged services, potentially enabling remote code execution.

Patches are bundled in build 25.00. Users should install the update without delay or at least disable automatic archive extraction.

Both vulnerabilities exploit improper handling of symbolic links inside ZIP archives.
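
A pre-extraction check for the class of problem described above, as an added example that is not from the original article or from the 7-Zip project: it lists ZIP entries marked as Unix symbolic links and flags those whose target is absolute or resolves above the extraction root. It is a generic symlink audit and does not reproduce the specifics of CVE-2025-11001 or CVE-2025-11002; the function names and the sample archive are constructed for illustration.

```python
import io
import posixpath
import stat
import zipfile


def symlink_entries(zf):
    """Yield (name, target) for entries whose stored Unix mode is a symlink."""
    for info in zf.infolist():
        mode = info.external_attr >> 16  # high 16 bits carry the Unix st_mode
        if stat.S_ISLNK(mode):
            # For a symlink entry, the entry data is the link target path.
            yield info.filename, zf.read(info).decode("utf-8", "replace")


def escapes_root(name, target):
    """True if the link target is absolute or resolves above the archive root."""
    t = target.replace("\\", "/")
    if t.startswith("/") or (len(t) > 1 and t[1] == ":"):
        return True  # POSIX absolute, UNC, or drive-letter path
    resolved = posixpath.normpath(posixpath.join(posixpath.dirname(name), t))
    return resolved == ".." or resolved.startswith("../")


def audit(zip_bytes):
    """Return (name, target) for every symlink entry that leaves the root."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return [(n, t) for n, t in symlink_entries(zf) if escapes_root(n, t)]


def build_sample():
    """Constructed sample: one file, one in-tree link, two escaping links."""
    links = [("docs/ok", "readme.txt"),
             ("docs/up", "../../outside/lib.dll"),
             ("abs", "C:\\outside\\lib.dll")]
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/readme.txt", "hello")
        for name, target in links:
            info = zipfile.ZipInfo(name)
            info.create_system = 3  # Unix, so the mode bits are meaningful
            info.external_attr = (stat.S_IFLNK | 0o777) << 16
            zf.writestr(info, target)
    return buf.getvalue()


if __name__ == "__main__":
    for name, target in audit(build_sample()):
        print(f"suspicious symlink: {name} -> {target}")
```

Running such a check on untrusted archives before extraction complements, but does not replace, updating to the patched build.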

Author's summary: 7-Zip vulnerabilities expose systems to attacks via ZIP archives.

ZATAZ — 2025-10-16