Directory Traversal Vulnerability in 7-Zip by 7-Zip Team
CVE-2025-11001
What is CVE-2025-11001?
CVE-2025-11001 is a directory traversal vulnerability identified in the popular file archiving software 7-Zip, which is widely used for compressing and decompressing files across various operating systems. This vulnerability arises from the way 7-Zip handles symbolic links within ZIP file structures, allowing remote attackers to exploit this flaw by crafting malicious ZIP files. When an affected user interacts with such a ZIP file, the software can be tricked into traversing to unintended directories, thus granting attackers the ability to execute arbitrary code on the system using the permissions of the user or service account executing 7-Zip. This can have serious consequences, particularly since 7-Zip is often used to handle sensitive files, leading to potential data breaches and unauthorized access to critical systems.
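A defensive pre-extraction check for the symbolic-link handling described above, as an added example that is not code from the original page or from the 7-Zip project: it lists the symlink entries in a ZIP and flags any whose target is absolute or resolves outside the extraction root. The function names and the 4096-byte cap on link-target reads are assumptions of this example, and it is a generic archive audit, not a reproduction of the specific 7-Zip flaw.

```python
import posixpath
import re
import stat
import sys
import zipfile

DRIVE_RE = re.compile(r"^[A-Za-z]:")   # Windows drive-letter prefix
MAX_TARGET = 4096                      # assumed cap on link-target bytes read


def symlink_target(zf, info):
    """Return the link target if the entry carries a Unix symlink mode, else None."""
    mode = info.external_attr >> 16    # high 16 bits hold the Unix st_mode
    if not stat.S_ISLNK(mode):
        return None
    with zf.open(info) as fh:          # a symlink entry stores its target as file data
        return fh.read(MAX_TARGET).decode("utf-8", "replace")


def escapes_root(entry_name, target):
    """True if a link stored at entry_name would point outside the extraction root."""
    t = target.replace("\\", "/")
    if t.startswith("/") or DRIVE_RE.match(t):
        return True                    # absolute path (POSIX, UNC or drive letter)
    parent = posixpath.dirname(entry_name)
    resolved = posixpath.normpath(posixpath.join(parent, t))
    return resolved == ".." or resolved.startswith("../")


def audit_zip(source):
    """Return (entry, target, escapes) for every symlink entry in the archive."""
    findings = []
    with zipfile.ZipFile(source) as zf:
        for info in zf.infolist():
            target = symlink_target(zf, info)
            if target is not None:
                findings.append(
                    (info.filename, target, escapes_root(info.filename, target)))
    return findings


if __name__ == "__main__":
    # Usage: python audit_zip.py archive.zip
    for name, target, bad in audit_zip(sys.argv[1]):
        print(f"{'REJECT' if bad else 'review'}: {name} -> {target}")
```

Running this over archives from untrusted sources before they reach an extractor gives a simple quarantine signal; entries marked REJECT should not be unpacked.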
Potential impact of CVE-2025-11001
- Remote Code Execution: The primary risk associated with CVE-2025-11001 is the ability for attackers to execute arbitrary code remotely. This could allow them to take control of affected systems, install malware, or perform actions that would compromise the integrity and confidentiality of the data.
- Data Exposure: Since 7-Zip is commonly used to manage files that may contain sensitive or confidential information, a successful exploitation could lead to unauthorized access to files, resulting in data leaks that can have legal and financial ramifications.
- Service Account Compromise: The vulnerability allows attackers to execute code in the context of the service account under which 7-Zip is running. This could elevate an attacker's privileges, enabling them to navigate the network, access other resources, and potentially spread to additional systems within an organizational environment.
Affected Version(s)
7-Zip 24.09 (x64)
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component for weaponization, which could lead to ransomware.
News Articles
7-Zip CVE-2025-11001: NHS Alert on PoC RCE Flaw
Explore 7-Zip CVE-2025-11001, a symbolic link RCE vulnerability with a public PoC, with NHS guidance on impact, investigation, and detection.
2 weeks ago
Critical 7 Zip Vulnerability With Public Exploit Requires Manual Update
A vulnerability has been found in the very popular, free file-compressing tool 7-Zip. The flaw, tracked as CVE-2025-11001, has a public exploit, leading to a high-risk warning from the UK's NHS England...
2 weeks ago
Timeline
- Public PoC available
- Vulnerability reached the number 1 worldwide trending spot
- Vulnerability started trending
- Used in Ransomware
- Exploit known to exist
- Vulnerability published
- First article discovered by GBHackers News
- Vulnerability Reserved
