CVE-2023-38831 - RARLAB WinRAR Code Execution Vulnerability

Vulnerability Name

RARLAB WinRAR Code Execution Vulnerability

Description

RARLAB WinRAR contains an unspecified vulnerability that allows an attacker to execute code when a user attempts to view a benign file within a ZIP archive.

Known To Be Used in Ransomware Campaigns?

Known

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

http://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=232&cHash=c5bf79590657e32554c6683296a8e8aa

https://nvd.nist.gov/vuln/detail/CVE-2023-38831

Related News Articles

WinRAR Zero-Day Under Active Exploitation – Update to Latest Version ImmediatelyAugust 11, 2025

CERT-UA Warns of HTA-Delivered C# Malware Attacks Using Court Summons LuresAugust 6, 2025

Russian hackers breach orgs to track aid routes to UkraineMay 22, 2025

Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid LogisticsMay 22, 2025

Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 ServersMarch 21, 2025