Searching
..

Click anywhere to stop

KLA12514
PE vulnerability in 7-Zip

Updated: 01/25/2024
Detect date
?
04/15/2022
Severity
?
Warning
Description

Privilege escalation vulnerability was found in 7-Zip. Malicious users can exploit this vulnerability to gain privileges and execute arbitrary code by dragging and dropping file with the .7z extension to the Help>Contents area.
The vulnerability announced in version 21.07 and disputed by vendor.

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Affected products

7-Zip 21.07 and earlier

Solution

Update 7-Zip to the latest version when а new patch will be available

Original advisories

CVE-2022-29072
CVE-2022-29072 on GitHub

Impacts
?
ACE 
[?]

PE 
[?]
Related products
7-Zip
CVE-IDS
?
CVE-2022-290727.8Critical
Find out the statistics of the vulnerabilities spreading in your region