Directory Traversal Vulnerability in 7-Zip by 7-Zip Team
CVE-2025-11001
What is CVE-2025-11001?
CVE-2025-11001 is a directory traversal vulnerability identified in the popular file archiving software 7-Zip, which is widely used for compressing and decompressing files across various operating systems. This vulnerability arises from the way 7-Zip handles symbolic links within ZIP file structures, allowing remote attackers to exploit this flaw by crafting malicious ZIP files. When an affected user interacts with such a ZIP file, the software can be tricked into traversing to unintended directories, thus granting attackers the ability to execute arbitrary code on the system using the permissions of the user or service account executing 7-Zip. This can have serious consequences, particularly since 7-Zip is often used to handle sensitive files, leading to potential data breaches and unauthorized access to critical systems.
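A pre-extraction check for the pattern described above, as an added example (not code from 7-Zip or from this advisory): it lists the symbolic-link entries in a ZIP file and flags targets that are absolute or resolve outside the extraction root. The function names are hypothetical, and it assumes Unix-style symlink entries, where the file mode sits in the upper 16 bits of the external attributes and the link target is stored as the entry's data.

```python
import posixpath
import stat
import zipfile


def escapes_root(entry_name, target):
    """True if a link stored at entry_name with this target points outside the extraction root."""
    t = target.replace("\\", "/")
    # Absolute POSIX, UNC, or drive-letter targets never stay under the root.
    if t.startswith("/") or (len(t) > 1 and t[1] == ":"):
        return True
    # Resolve a relative target against the directory that holds the link.
    base = posixpath.dirname(entry_name.replace("\\", "/"))
    resolved = posixpath.normpath(posixpath.join(base, t))
    return resolved == ".." or resolved.startswith("../")


def symlink_entries(zip_source):
    """Return (entry_name, link_target, escapes) for every symlink entry in the archive."""
    findings = []
    with zipfile.ZipFile(zip_source) as zf:
        for info in zf.infolist():
            mode = info.external_attr >> 16  # Unix st_mode, if the archiver stored one
            if not stat.S_ISLNK(mode):
                continue
            # For a symlink entry the stored data is the link target itself.
            target = zf.read(info).decode("utf-8", "replace")
            findings.append((info.filename, target, escapes_root(info.filename, target)))
    return findings


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        for name, target, escapes in symlink_entries(path):
            print(f"{'ESCAPES' if escapes else 'ok':8} {path}: {name} -> {target}")
```

An archive with any flagged entry can be rejected or quarantined before it is handed to an extractor.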
Potential impact of CVE-2025-11001
- Remote Code Execution: The primary risk associated with CVE-2025-11001 is the ability for attackers to execute arbitrary code remotely. This could allow them to take control of affected systems, install malware, or perform actions that would compromise the integrity and confidentiality of the data.
- Data Exposure: Since 7-Zip is commonly used to manage files that may contain sensitive or confidential information, a successful exploitation could lead to unauthorized access to files, resulting in data leaks that can have legal and financial ramifications.
- Service Account Compromise: The vulnerability allows attackers to execute code in the context of the service account under which 7-Zip is running. This could elevate an attacker's privileges, enabling them to navigate the network, access other resources, and potentially spread to additional systems within an organizational environment.
Affected Version(s)
7-Zip 24.09 (x64)
News Articles
Hackers Actively Exploiting 7-Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001)
Active exploitation targets 7-Zip CVE-2025-11001; patch 25.00 fixes symbolic link RCE flaws.
Online PoC for 7-Zip flaws: Exploit allows arbitrary code execution
Critical vulnerabilities discovered in 7-Zip that allow arbitrary code execution via malicious ZIP files. An immediate update is required.
PoC Exploit for 7-Zip Vulnerabilities that Allows Remote Code Execution
A proof-of-concept exploit for two critical vulnerabilities in the popular file archiver 7-Zip, potentially allowing attackers to execute arbitrary code remotely through malicious ZIP files.
