CVE-2023-38831 - RARLAB WinRAR Code Execution Vulnerability

Vulnerability Name

RARLAB WinRAR Code Execution Vulnerability

Description

RARLAB WinRAR contains an unspecified vulnerability that allows an attacker to execute code when a user attempts to view a benign file within a ZIP archive.

Known To Be Used in Ransomware Campaigns?

Known

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

http://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=232&cHash=c5bf79590657e32554c6683296a8e8aa

https://nvd.nist.gov/vuln/detail/CVE-2023-38831

Related News Articles

Russian hackers breach orgs to track aid routes to UkraineMay 22, 2025

Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid LogisticsMay 22, 2025

Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 ServersMarch 21, 2025

Russian cyber spies hide behind other hackers to target UkraineDecember 12, 2024

Russian Turla hackers hit Starlink-connected devices in UkraineDecember 12, 2024