
7-Zip zero-day vulnerability grants privilege escalation


Apr 18, 2022

PSA: A security researcher recently discovered a vulnerability in the file archiver 7-Zip that could give attackers high privileges and let them execute code. Developers have not yet released a patch, but users can quickly fix this vulnerability in the meantime.

Last week, researcher Kağan Çapar discovered and published a zero-day vulnerability in 7-Zip that can grant privilege escalation and command execution. Denoted as CVE-2022-29072, it affects Windows users with version 21.07 – the latest version as of now.

As the video below shows, an attacker with limited access to a system can activate the vulnerability by opening the “Help” window in 7-Zip under Help->Contents and sending a file with the .7z extension to that window. Any file with that extension will work; it doesn’t have to be a real 7z archive.

By running a child process under the 7zFM.exe process, the vulnerability could increase the attacker’s privileges and allow them to execute commands on the target system. Çapar attributes this to a misconfiguration in the 7z.dll file and a heap overflow.

The Windows HTML helper file may also share some blame, as it may allow other programs to run commands. Çapar reports a similar vulnerability that works through the Windows HTML helper file and WinRAR.
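One way a defender could look for the behavior described above, a child process running under 7zFM.exe, in process-creation logs. This is an added example, not code from the researcher or the 7-Zip project; the log format, field names, sample records and the list of interpreters treated as high severity are constructed assumptions.

```python
import json
import ntpath

ROOT = "7zfm.exe"                             # parent process named in the article
INTERPRETERS = {"cmd.exe", "powershell.exe"}  # assumption: descendants worth escalating

# Constructed records, one JSON object per line; pid/ppid/image are assumed field names.
SAMPLE = r"""
{"pid": 1200, "ppid": 800, "image": "C:\\Windows\\explorer.exe"}
{"pid": 2300, "ppid": 1200, "image": "C:\\Program Files\\7-Zip\\7zFM.exe"}
{"pid": 2310, "ppid": 2300, "image": "C:\\Windows\\hh.exe"}
{"pid": 2320, "ppid": 2310, "image": "C:\\Windows\\System32\\cmd.exe"}
{"pid": 2400, "ppid": 1200, "image": "C:\\Windows\\System32\\cmd.exe"}
{"pid": 2500, "ppid": 2300, "image": "C:\\Windows\\System32\\notepad.exe"}
"""

def base(image):
    """Lower-cased file name of a Windows path, so matching ignores case and directory."""
    return ntpath.basename(image).lower()

def find_descendants(log_text, root=ROOT):
    """Return one finding per process that has `root` among its ancestors."""
    procs = {}
    for line in log_text.splitlines():
        if line.strip():
            rec = json.loads(line)
            procs[rec["pid"]] = rec
    findings = []
    for pid, rec in procs.items():
        chain, seen, cur = [base(rec["image"])], {pid}, rec["ppid"]
        while cur in procs and cur not in seen:  # stop on unknown parent or pid loop
            seen.add(cur)
            chain.append(base(procs[cur]["image"]))
            cur = procs[cur]["ppid"]
        if root in chain[1:]:
            idx = chain.index(root, 1)           # nearest matching ancestor
            findings.append({
                "pid": pid,
                "chain": " > ".join(reversed(chain[: idx + 1])),
                "severity": "high" if chain[0] in INTERPRETERS else "review",
            })
    return findings

if __name__ == "__main__":
    for finding in find_descendants(SAMPLE):
        print(finding)
```

7zFM.exe also starts child processes in normal use, so the "review" findings are context rather than alerts. Real telemetry should key processes on a unique process identifier instead of the bare pid, since Windows reuses pids.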

Deleting the “7-zip.chm” file in the 7-Zip root may fix the problem until developers patch it. It is unclear when that will be.

This post, “7-Zip zero-day vulnerability grants privilege escalation”, was originally published at https://www.techspot.com/news/94248-7-zip-zero-day-vulnerability-grants-privilege-escalation.html

By admin
