⚠ Actively exploited
Added to CISA KEV on 2025-02-06. Federal agencies required to patch by 2025-02-27. Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable..
CVE-2025-0411 — Protection Mechanism Failure in 7-zip
Severity
7.0HIGHNVD
EPSS
52.4%
top 2.06%
CISA KEV
KEV
Added 2025-02-06
Due 2025-02-27
Exploit
No known exploits
Affected products
Timeline
PublishedJan 25
KEV addedFeb 6
KEV dueFeb 27
CISA Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Description
7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of archived files. When extracting files from a crafted archive that bears the Mark-of-the-Web, 7-Zip does not propagate the Mark-of-the-Web to the …
CVSS vector
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9
Affected Packages5 packages
🔴Vulnerability Details
3📋Vendor Advisories
2🕵️Threat Intelligence
13Trendmicro▶
CVE-2025-0411: Ukrainian Organizations Targeted in Zero-Day Campaign and Homoglyph Attacks↗2025-02-04
Trendmicro▶
CVE-2025-0411: Ukrainian Organizations Targeted in Zero-Day Campaign and Homoglyph Attacks↗2025-02-04
Trendmicro▶
CVE-2025-0411: Ukrainian Organizations Targeted in Zero-Day Campaign and Homoglyph Attacks↗2025-02-04
Trendmicro▶
CVE-2025-0411: Ukrainian Organizations Targeted in Zero-Day Campaign and Homoglyph Attacks↗2025-02-04
Trendmicro▶
CVE-2025-0411: Ukrainian Organizations Targeted in Zero-Day Campaign and Homoglyph Attacks↗2025-02-04