7-Zip Security Flaw Allows Malicious File Writes and Potential Exploits
Summary Security Advisory: 7-Zip Security Flaw
A vulnerability in 7-Zip (versions before 25.01) allows attackers to abuse symbolic links in archive files to write files outside the intended extraction directory.
| Severity | Low |
| CVSS Score | 3.6 |
| CVEs | CVE-2025-55188 |
| POC Available | No |
| Actively Exploited | No |
| Exploited in Wild | No |
| Advisory Version | 1.0 |
Overview
This can lead to overwriting sensitive files, potentially enabling code execution or privilege escalation. The flaw is primarily exploitable on Linux systems due to common file permission models but can also impact Windows under specific conditions. Affected archive formats include ZIP, TAR, 7Z and RAR.
The security flaw was reported and discoverd by security researcher lunbun, who identified that 7-Zip fails to properly validate symbolic links when extracting certain archive formats.
| Vulnerability Name | CVE ID | Product Affected | Severity | Fixed Version |
| 7-Zip Arbitrary File Write via Symbolic Link Flaw | CVE-2025-55188 | 7-Zip | Low | 25.01 and later. |
Technical Summary
Cause: Improper validation of symbolic links during archive extraction.
Attack Vector: Malicious archives can contain symlinks pointing outside the extraction directory.
Impact: Overwrites arbitrary files on the system. On Linux, this can replace startup scripts, configuration files, or binaries to gain elevated privileges. On Windows, exploitation requires write access to target paths.
Affected Formats: ZIP, TAR, 7Z, RAR.
| CVE ID | CVSS Score | System Affected | Vulnerability Details | Impact |
| CVE-2025-55188 | 3.6 | Linux, Windows 7-Zip versions | 7-Zip mishandles symbolic links in archives, letting attackers write files anywhere on the system during extraction. | Code execution, Privilege escalation |
Recommendations:
Here are some recommendations below
- Update 7-Zip to version 25.01 or latest one.
- Avoid extracting archives from untrusted sources.
- Always consider using sandboxed environments for unknown files extraction.
Conclusion:
While CVE-2025-55188 carries a low CVSS score, the real-world impact can be severe in certain environments, especially on Linux systems with high-privilege extraction processes.
Immediate patching to 7-Zip 25.01 or later is strongly advised to mitigate the risk of arbitrary file overwrite attacks.
The researcher has submitted a request for reevaluation of the CVSS score and offered to provide proof-of-concept demonstrations to package repository maintainers who require additional verification.
References:
Recent Comments