WinRAR has been found to include a high-severity security weakness that might be used by a threat actor to execute remote code on Windows systems.
The vulnerability, identified as CVE-2023-40477 (CVSS score: 7.8), is a result of insufficient validation when processing recovery volumes.
According to a warning from the Zero Day Initiative (ZDI), “the problem results from improper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer.”The vulnerability “can be used by an attacker to execute code within the context of the current process read more New WinRAR Vulnerability Could Allow Hackers to Take Control of Your PC.
Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.