CVE-2023-38831 - RARLAB WinRAR Code Execution Vulnerability

Vulnerability Name

RARLAB WinRAR Code Execution Vulnerability

Description

RARLAB WinRAR contains an unspecified vulnerability that allows an attacker to execute code when a user attempts to view a benign file within a ZIP archive.

Known To Be Used in Ransomware Campaigns?

Known

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

http://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=232&cHash=c5bf79590657e32554c6683296a8e8aa

https://nvd.nist.gov/vuln/detail/CVE-2023-38831

Related News Articles

Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 ServersMarch 21, 2025

Russian cyber spies hide behind other hackers to target UkraineDecember 12, 2024

Russian Turla hackers hit Starlink-connected devices in UkraineDecember 12, 2024

APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell MalwareNovember 23, 2024

Cloudflare Warns of India-Linked Hackers Targeting South and East Asian EntitiesSeptember 26, 2024