CVE-2022-29072
7-Zip vulnerability analysis and mitigation

Overview

CVE-2022-29072 affects 7-Zip through version 21.07 on Windows systems. The vulnerability allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help > Contents area. This vulnerability was discovered in April 2022 and is caused by a misconfiguration of 7z.dll and a heap overflow; the command runs in a child process of 7zFM.exe. However, the vulnerability is disputed, as multiple third parties have reported that no privilege escalation can occur (NVD, SecurityOnline).

Technical details

The vulnerability involves interaction with Windows HTML Helper (hh.exe) and occurs when files are dragged to the help content area. The issue stems from two components: a heap overflow vulnerability in 7zFM.exe and a command execution feature in the Windows HTML Helper. The CVSS v3.1 base score is 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. The vulnerability is classified under CWE-787 (Out-of-bounds Write) and CWE-122 (Heap-based Buffer Overflow) (NVD).

Impact

If successfully exploited, the vulnerability could allow an attacker to escalate privileges to administrator level and execute arbitrary commands on the affected system. The command execution occurs as a child process under 7zFM.exe, potentially granting elevated privileges to the attacker (SecurityOnline).

Mitigation and workarounds

A temporary mitigation is to delete the 7-zip.chm file in the 7-Zip installation directory, which removes the Help > Contents vector used to trigger CVE-2022-29072. As of the initial disclosure, no official patch had been released by the 7-Zip developers (SecurityOnline).
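As an added example (not code from the original report or the 7-Zip project), the following PowerShell script audits a Windows host for 7-Zip 21.07 or earlier and applies the 7-zip.chm workaround described above. The install directories are assumed defaults; the version is read from 7zFM.exe.

```powershell
# Added example; not part of the original report or the 7-Zip project.
# Audits a Windows host for 7-Zip installs in the affected range (<= 21.07) and,
# when asked, applies the workaround from the report: delete 7-zip.chm from the
# installation directory. Install paths below are assumed defaults. Run with
# -WhatIf to preview; add -Remove to actually delete the help file.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    [string[]]$InstallDir = @("$env:ProgramFiles\7-Zip", "${env:ProgramFiles(x86)}\7-Zip"),
    [version]$MaxAffected = '21.07',   # highest affected version per the report
    [switch]$Remove                    # without this, the script only reports
)

$results = foreach ($dir in $InstallDir) {
    $fm = Join-Path $dir '7zFM.exe'
    if (-not (Test-Path -LiteralPath $fm)) { continue }

    # 7-Zip stamps its version (e.g. "21.07") into 7zFM.exe; [version] makes it comparable.
    $raw = (Get-Item -LiteralPath $fm).VersionInfo.FileVersion
    try { $ver = [version]$raw } catch { Write-Warning "${fm}: cannot parse version '$raw'"; continue }

    $chm = Join-Path $dir '7-zip.chm'
    $versionAffected = ($ver -le $MaxAffected)

    # Only act on affected builds that still ship the help file; ShouldProcess honours -WhatIf/-Confirm.
    if ($versionAffected -and $Remove -and (Test-Path -LiteralPath $chm) -and
        $PSCmdlet.ShouldProcess($chm, 'Delete 7-zip.chm (CVE-2022-29072 workaround)')) {
        Remove-Item -LiteralPath $chm -Force
    }

    [pscustomobject]@{
        InstallDir      = $dir
        Version         = $raw
        VersionAffected = $versionAffected
        HelpFilePresent = (Test-Path -LiteralPath $chm)  # re-checked after any removal
    }
}

if (-not $results) { Write-Output 'No 7-Zip installation found in the checked directories.' }
else { $results | Format-Table -AutoSize }
```

Deleting the file also removes the in-app help, so the script reports by default and only deletes when -Remove is given.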

Community reactions

The vulnerability has been subject to significant debate in the security community. Some researchers have questioned the validity of the privilege escalation claims, while others have noted that the attack vector (dragging files to the help window) is unusual and unlikely to be exploited in real-world scenarios. The 7-Zip developers have disputed whether the issue lies with their software or with the Windows HTML Helper system (HackerNews).
