CVE-2025-0411

Publication date 25 January 2025

Last updated 14 February 2025


Ubuntu priority

Cvss 3 Severity Score

7.0 · High

Score breakdown

7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of archived files. When extracting files from a crafted archive that bears the Mark-of-the-Web, 7-Zip does not propagate the Mark-of-the-Web to the extracted files. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current user. Was ZDI-CAN-25456.

Read the notes from the security team

Why is this CVE high priority?

This CVE is in the CISA KEV list

Learn more about Ubuntu priority

Status

Package Ubuntu Release Status
7zip 24.10 oracular
Not affected
24.04 LTS noble
Not affected
22.04 LTS jammy
Not affected
20.04 LTS focal Not in release
p7zip 24.10 oracular
Not affected
24.04 LTS noble
Not affected
22.04 LTS jammy
Not affected
20.04 LTS focal
Not affected
18.04 LTS bionic
Not affected
16.04 LTS xenial
Not affected

Notes


mdeslaur

This flaw is only in the Windows-specific Mark-of-the-Web code, as such neither 7zip or p7zip on Ubuntu is affected by this issue.

Severity score breakdown

Parameter Value
Base score 7.0 · High
Attack vector Local
Attack complexity High
Privileges required None
User interaction Required
Scope Unchanged
Confidentiality High
Integrity impact High
Availability impact High
Vector CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H