CVE-2025-33027: 
Bandisoft Bandizip vulnerability analysis and mitigation

In Bandisoft Bandizip through version 7.37, there exists a Mark-of-the-Web (MotW) Bypass Vulnerability that allows attackers to bypass the Mark-of-the-Web protection mechanism on affected installations. The vulnerability was discovered in April 2025 and affects all versions of Bandizip up to and including version 7.37 (Bandizip Website, GitHub Advisory).

The vulnerability exists within the handling of archived files. When extracting files from a crafted archive that bears the Mark-of-the-Web, Bandizip fails to propagate the MotW tag to the extracted files. This causes the system to treat the extracted files as local, trusted files rather than maintaining their internet-originated status. The vulnerability has received a CVSS v3.1 base score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (NVD).

The vulnerability can allow attackers to execute arbitrary code in the context of the current user. When exploited, files such as macro-enabled Office documents or executable scripts are treated as trusted files and can be executed without triggering security alerts. This can lead to code execution, escalation of privileges, and potential information disclosure (GitHub Advisory).

As of the vulnerability disclosure, no official fix has been made available for this vulnerability. Users are advised to exercise caution when extracting files from archives downloaded from untrusted sources (GitHub Advisory).