Critical Remote Code Execution Vulnerability Identified in WinZip: CVE-2025-1240

February 14, 2025

A critical vulnerability, designated CVE-2025-1240, has been found in the popular file compression software WinZip. It could allow remote attackers to execute arbitrary code on affected systems. The flaw lies in how WinZip processes 7Z files and can be exploited if a user opens a malicious file or visits a malicious webpage.

The vulnerability, which has a CVSS score of 7.8, originates from insufficient validation of data provided by users during the parsing of 7Z files. As the advisory states, “The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer.” This buffer overflow can then be exploited by an attacker to execute code within the context of the current WinZip process.

Despite the severity of the vulnerability, exploitation requires user interaction. The advisory further elaborates that “User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.” This means attackers would need to deceive users into opening a specially crafted 7Z file or visiting a compromised website that hosts such a file. Social engineering methods, such as phishing emails or malicious ads, could be employed to ensnare victims.

The potential repercussions of successful exploitation are severe. Remote code execution vulnerabilities can allow attackers to seize complete control of a victim’s system, enabling them to exfiltrate sensitive data, install malware, or even utilize the compromised machine as part of a botnet.

Fortunately, CVE-2025-1240 has been fixed in WinZip version 29.0. Users of older versions are strongly encouraged to upgrade to version 29.0 immediately to protect themselves from this threat. Given the potential severity of the vulnerability, prompt action is warranted.
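To find hosts still running a version older than 29.0, the following PowerShell check (an added example, not taken from the advisory or from WinZip) reads the standard Windows uninstall registry keys and classifies each WinZip entry. It assumes WinZip registers a `DisplayName` beginning with "WinZip" and a `DisplayVersion` that starts with a dotted numeric version; `Test-WinZipEntry` is a hypothetical helper name, and the sample entries at the end are constructed.

```powershell
# Added example: flag WinZip installs older than 29.0, the fixed version named in the article.
# Assumption: the uninstall entry has DisplayName "WinZip..." and a dotted numeric DisplayVersion.
$FixedVersion = [version]'29.0'

function Test-WinZipEntry {
    param([string]$DisplayName, [string]$DisplayVersion)

    # Keep only the leading dotted-numeric part, e.g. "28.0.1 (64-bit)" -> "28.0.1".
    $parsed = $null
    if ($DisplayVersion -match '^\s*(\d+(\.\d+){1,3})') {
        $parsed = [version]$Matches[1]
    }

    # A missing or unparsable version is reported as UNKNOWN, never assumed safe.
    if ($null -eq $parsed) {
        $status = 'UNKNOWN'
    } elseif ($parsed -lt $FixedVersion) {
        $status = 'VULNERABLE'
    } else {
        $status = 'PATCHED'
    }

    [pscustomobject]@{
        Name    = $DisplayName
        Version = $DisplayVersion
        Status  = $status
    }
}

# Per-machine (64-bit and 32-bit views) and per-user uninstall entries.
$uninstallRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

Get-ItemProperty -Path $uninstallRoots -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like 'WinZip*' } |
    ForEach-Object { Test-WinZipEntry -DisplayName $_.DisplayName -DisplayVersion $_.DisplayVersion }

# Constructed sample entries (not real inventory data) showing the three outcomes.
Test-WinZipEntry -DisplayName 'WinZip (sample)' -DisplayVersion '28.0.1'   # VULNERABLE
Test-WinZipEntry -DisplayName 'WinZip (sample)' -DisplayVersion '29.0.0'   # PATCHED
Test-WinZipEntry -DisplayName 'WinZip (sample)' -DisplayVersion ''         # UNKNOWN
```

Entries reported as UNKNOWN should be checked by hand rather than treated as patched.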
