CVE-2023-38831 - RARLAB WinRAR Code Execution Vulnerability
Project:RARLAB
Product:WinRAR
Date Added:2023-08-24Due Date:2023-09-14
Vulnerability Name
RARLAB WinRAR Code Execution Vulnerability
Description
RARLAB WinRAR contains an unspecified vulnerability that allows an attacker to execute code when a user attempts to view a benign file within a ZIP archive.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Additional Notes
http://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=232&cHash=c5bf79590657e32554c6683296a8e8aa
https://nvd.nist.gov/vuln/detail/CVE-2023-38831
Related News Articles
Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 ServersMarch 21, 2025
Russian cyber spies hide behind other hackers to target UkraineDecember 12, 2024
Russian Turla hackers hit Starlink-connected devices in UkraineDecember 12, 2024
APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell MalwareNovember 23, 2024
Cloudflare Warns of India-Linked Hackers Targeting South and East Asian EntitiesSeptember 26, 2024