Wiz
Vulnerability DatabaseCVE-2025-11001

CVE-2025-11001
7-Zip vulnerability analysis and mitigation

Overview

A critical security vulnerability (CVE-2025-11001) was discovered in 7-Zip, affecting versions from 21.02 up to version 25.00. The flaw was discovered by Ryota Shiga of GMO Flatt Security Inc., along with the company's AI-powered AppSec Auditor Takumi, and was publicly disclosed on October 7, 2025. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip through the manipulation of symbolic links in ZIP files (Zero Day Initiative, Hacker News).

Technical details

The vulnerability has been assigned a CVSS score of 7.0 (AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H). The specific flaw exists within the handling of symbolic links in ZIP files, where crafted data can cause the process to traverse to unintended directories. The vulnerability is specifically limited to Windows systems and can only be exploited from the context of an elevated user/service account or a machine with developer mode enabled (Zero Day Initiative, Help Net Security).

Impact

When successfully exploited, the vulnerability allows attackers to execute code in the context of a service account. The attack requires user interaction, but the vectors may vary depending on the implementation. The impact is particularly significant for systems where 7-Zip is used with elevated privileges (Zero Day Initiative, Security Affairs).

Mitigation and workarounds

The vulnerability has been fixed in 7-Zip version 25.00, released in July 2025. Users are strongly advised to upgrade to this version or later as soon as possible, especially given that 7-Zip does not have an auto-update feature. This is particularly crucial due to the availability of public proof-of-concept exploits and active exploitation in the wild (Help Net Security, Hacker News).

Community reactions

NHS England Digital has issued a warning about the active exploitation of the vulnerability, highlighting the serious nature of the threat. The security community has responded by urging immediate updates, particularly given the software's widespread use and the availability of proof-of-concept exploits (Security Affairs, Help Net Security).

Additional resources

SourceThis report was generated using AI

Related 7-Zip vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2025-11001HIGH7
  • 7-Zip7-Zip
  • 7zip-standalone-all-debuginfo
NoYesNov 19, 2025
CVE-2025-53817MEDIUM5.5
  • 7-Zip7-Zip
  • cpe:2.3:a:7-zip:7-zip
NoYesJul 17, 2025
CVE-2025-53816MEDIUM5.5
  • 7-Zip7-Zip
  • 7zip-rar
NoYesJul 17, 2025
CVE-2025-55188LOW3.6
  • 7-Zip7-Zip
  • 7zip
NoYesAug 08, 2025
CVE-2022-47112LOW3.3
  • 7-Zip7-Zip
  • 7zip
NoYesApr 19, 2025

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo