Critical WinRAR RCE Flaw Fixed—Update Now (CVE-2025-6218)
▼ Summary
– A directory traversal vulnerability (CVE-2025-6218) in WinRAR allows remote attackers to execute arbitrary code on affected systems.
– The vulnerability has been patched in WinRAR 7.12 beta 1, released on June 10, 2025, and users should upgrade immediately.
– CVE-2025-6218 involves improper handling of file paths in archives, enabling attackers to execute code via crafted file paths if a user opens a malicious file.
– The vulnerability affects WinRAR v7.11 and earlier, along with Windows versions of RAR, UnRAR, and related components, but not Unix or Android versions.
– WinRAR’s lack of automatic updates requires users to manually install patches, making it a frequent target for attackers due to its 500+ million users.
A critical security flaw in WinRAR has been patched, requiring immediate action from users to prevent potential remote code execution attacks. Tracked as CVE-2025-6218, this directory traversal vulnerability could allow attackers to manipulate file paths within archives, leading to unauthorized code execution on vulnerable systems.
The issue was addressed in WinRAR 7.12 beta 1, released on June 10, 2025. While this version is currently in beta, the final stable release is expected shortly. Users running WinRAR 7.11 or earlier should update immediately to mitigate the risk.
WinRAR, a widely used file compression tool for Windows, supports multiple archive formats, including RAR and ZIP. The vulnerability stems from improper handling of file paths within archives. According to researchers at Trend Micro’s Zero Day Initiative, who discovered the flaw, a specially crafted file path could trick the software into accessing unintended directories, enabling attackers to run malicious code under the victim’s privileges.
Exploiting this flaw requires user interaction, either opening a malicious file or visiting a compromised webpage. Affected versions include WinRAR 7.11 and earlier, along with Windows-based RAR, UnRAR, and related components. Unix versions, including RAR for Android, remain unaffected.
WinRAR’s massive user base, over 500 million installations worldwide, makes it a prime target for cybercriminals. Unlike many modern applications, WinRAR lacks automatic updates, meaning users must manually download and install the latest version to stay protected.
Given the severity of this vulnerability, delaying updates could leave systems exposed to exploitation. Proactive patching remains the best defense against potential attacks leveraging this flaw. For those relying on WinRAR, checking for updates and applying them without delay is strongly recommended.
Staying informed about emerging threats is crucial in maintaining cybersecurity. Subscribing to reliable security bulletins ensures timely awareness of critical vulnerabilities and necessary mitigation steps.
(Source: HELPNETSECURITY)
