CVE-2025-31334Product UI does not Warn User of Unsafe Actions in Winrar

CWE-356Product UI does not Warn User of Unsafe Actions4 documents4 sources
Severity
6.8MEDIUMNVD
EPSS
0.4%
top 39.99%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Rarlab Winrar
Timeline
PublishedApr 3
Latest updateApr 5

Description

Issue that bypasses the "Mark of the Web" security warning function for files when opening a symbolic link that points to an executable file exists in WinRAR versions prior to 7.11. If a symbolic link specially crafted by an attacker is opened on the affected product, arbitrary code may be executed.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:HExploitability: 0.9 | Impact: 5.9

Affected Packages2 packages

NVDrarlab/winrar< 7.11
CVEListV5rarlab/winrarprior to 7.11

🔴Vulnerability Details

2
CVEList
CVE-2025-31334: Issue that bypasses the "Mark of the Web" security warning function for files when opening a symbolic link that points to an executable file exists in2025-04-03
GHSA
GHSA-2mpw-8427-rgcw: Issue that bypasses the "Mark of the Web" security warning function for files when opening a symbolic link that points to an executable file exists in2025-04-03

🕵️Threat Intelligence

1
Bleepingcomputer
WinRAR flaw bypasses Windows Mark of the Web security alerts2025-04-05
CVE-2025-31334 — Rarlab Winrar vulnerability | cvebase