CVE-2023-40481
published 2024-05-03CVE-2023-40481: 7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on…
PriorityP353high7.8CVSS 3.0
AVLACLPRNUIRSUCHIHAH
EPSS
26.89%
97.8th percentile
7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of SQFS files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18589.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| 7-zip | 7-zip | — | — |
| 7-zip | p7zip | >= 0 < 16.02+transitional.1 | 16.02+transitional.1 |
| debian | 7zip | < 7zip 23.01+dfsg-1 (forky) | 7zip 23.01+dfsg-1 (forky) |
| debian | p7zip | < 7zip 23.01+dfsg-1 (forky) | 7zip 23.01+dfsg-1 (forky) |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv7.8HIGH
vendor_debian7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Rockwell Automation AADvance Trusted SIS Workstation
cisa_ics·2024-09-12·CVSS 7.8
[HIGH] Rockwell Automation AADvance Trusted SIS Workstation
ICS Advisory
##
Rockwell Automation AADvance Trusted SIS Workstation
Release DateSeptember 12, 2024
Alert CodeICSA-24-256-20
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 7.8
- ATTENTION: Low attack complexity
- Vendor: Rockwell Automation
- Equipment: AADvance Trusted SIS Workstation
- Vulnerabilities: Improper Input Validation
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could result in an attacker executing code within the context of a current process.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of AADvance Trusted SIS Workstation, a manufacturing controller management suite, are affected:
- AADvance Trusted SI
Debian
CVE-2023-40481: 7zip - 7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerabil...
vendor_debian·2023·CVSS 7.8
CVE-2023-40481 [HIGH] CVE-2023-40481: 7zip - 7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerabil...
7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SQFS files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18589.
Scope: local
bookworm: open
forky: resolved (fixed in 23.01+dfsg-1)
sid: resolved (fixed in 23.01+dfsg-1)
trixie: resolved (fixed in 23.01+dfsg-1)
OSV
CVE-2023-40481: 7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
osv·2024-05-03·CVSS 7.8
CVE-2023-40481 [HIGH] CVE-2023-40481: 7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SQFS files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18589.
GHSA
GHSA-cxpp-vp7p-m7fw: 7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ghsa_unreviewed·2024-05-03
CVE-2023-40481 [HIGH] CWE-787 GHSA-cxpp-vp7p-m7fw: 7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of SQFS files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18589.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-05-03
Published