Ethical Hacking News
A recently disclosed vulnerability in 7-Zip has come under active exploitation in the wild, according to an advisory issued by the U.K. NHS England Digital on Tuesday. The identified flaw, CVE-2025-11001, allows remote attackers to execute arbitrary code, posing a serious threat to users who fail to address it promptly.
7-Zip vulnerability CVE-2025-11001 has been rated high severity, with a CVSS score of 7.0.
The vulnerability allows remote attackers to execute arbitrary code, making it a serious concern for users.
NHS England Digital advises users to apply the latest patch as soon as possible to address this vulnerability.
The vulnerability was first reported by Ryota Shiga and Takumi of GMO Flatt Security Inc.
Active exploitation has been observed in the wild, but no information is available on how it's being weaponized.
In a recent development that has sent shockwaves through the cybersecurity community, a vulnerability was uncovered in 7-Zip, a popular file compression software. The identified flaw, CVE-2025-11001, has been rated at a high severity level of 7.0 on the Common Vulnerability Scoring System (CVSS), indicating its potential impact and exploitability.
According to an advisory issued by NHS England Digital, this vulnerability allows remote attackers to execute arbitrary code, making it a serious concern for users. The specific flaw exists within the handling of symbolic links in ZIP files, which can be exploited to cause the process to traverse to unintended directories. Ryota Shiga and Takumi of GMO Flatt Security Inc. are credited with discovering and reporting it.
The identified vulnerability has been addressed in 7-Zip version 25.00 released in July 2025, which also resolves another flaw, CVE-2025-11002, that allows for remote code execution by taking advantage of improper handling of symbolic links within ZIP archives, resulting in directory traversal. Both shortcomings were introduced in version 21.02.
NHS England Digital has noted that active exploitation of CVE-2025-11001 has been observed in the wild; however, there are currently no details available on how it's being weaponized, by whom, and in what context. This lack of information underscores the importance of prompt action to address this vulnerability and protect users from potential harm.
"It's essential that 7-Zip users move quickly to apply the necessary fixes as soon as possible, if not already," said security researcher Dominik (aka pacbypass), who released a proof-of-concept (PoC) exploit detailing the flaw. "This vulnerability can only be exploited from the context of an elevated user/service account or a machine with developer mode enabled." This vulnerability can only be exploited on Windows.
The discovery of this new vulnerability highlights the ongoing cat-and-mouse game between cybersecurity researchers and threat actors, who continually push the boundaries of exploitability and vulnerability. It also underscores the importance of keeping software up-to-date and regularly monitoring for security patches to protect against such threats.
In light of this new development, users are advised to take immediate action to address this vulnerability and ensure their 7-Zip installations are updated with the latest patch. Furthermore, it is essential that organizations prioritize cybersecurity measures to prevent similar vulnerabilities from being exploited in the future.
The growing threat landscape demands constant vigilance and proactive measures from individuals and organizations alike. By staying informed about emerging threats and taking swift action to address them, we can mitigate the impact of such vulnerabilities and ensure a safer digital environment for all.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Growing-Threat-Landscape-A-New-Vulnerability-Uncovered-in-7-Zip-Leaving-Users-Vulnerable-to-Remote-Code-Execution-ehn.shtml
https://thehackernews.com/2025/11/hackers-actively-exploiting-7-zip.html
https://digital.nhs.uk/cyber-alerts/2025/cc-4719
https://nvd.nist.gov/vuln/detail/CVE-2025-11001
https://www.cvedetails.com/cve/CVE-2025-11001/
https://nvd.nist.gov/vuln/detail/CVE-2025-11002
https://www.cvedetails.com/cve/CVE-2025-11002/
Published: Fri Nov 21 01:20:16 2025 by llama3.2 3B Q4_K_M