CVE-2025-11002

Published Jan 23, 2026

Last updated 4 days ago

CVSS high 7.0
7-Zip

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-11002 is a vulnerability that exists within the handling of symbolic links in ZIP files by 7-Zip. By crafting malicious data within a ZIP file, an attacker can cause the application to traverse to unintended directories. This vulnerability could allow remote attackers to execute arbitrary code on affected installations of 7-Zip. The vulnerability stems from the improper processing of symbolic links within ZIP archives, potentially allowing a malicious ZIP file to force traversal outside the intended extraction directory. Exploitation requires user interaction, such as opening or extracting a malicious ZIP file. 7-Zip version 25.00 addresses the vulnerability.

Description
7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this product is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the handling of symbolic links in ZIP files. Crafted data in a ZIP file can cause the process to traverse to unintended directories. An attacker can leverage this vulnerability to execute code in the context of a service account. Was ZDI-CAN-26743.
Source
zdi-disclosures@trendmicro.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.0

Type
Secondary
Base score
7
Impact score
5.9
Exploitability score
1
Vector string
CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

zdi-disclosures@trendmicro.com
CWE-22

Social media

Hype score
Not currently trending

  1. CVE-2025-11002 7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected insta… https://t.co/rQQkvOnMau

    @CVEnew

    23 Jan 2026

    137 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. A critical RCE vulnerability (CVE-2025-11001) in 7-Zip is actively exploited via symbolic link ZIP files on Windows. Version 25.00 released addressing this and CVE-2025-11002. #7ZipUpdate #RemoteCodeExec #WindowsSecurity https://t.co/8mpEZlnepf

    @TweetThreatNews

    19 Nov 2025

    30 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  3. #VulnerabilityReport #7Zip Two 7-Zip Flaws Allow Code Execution via Malicious ZIP Files (CVE-2025-11001 & CVE-2025-11002) https://t.co/3zdteOlauj

    @Komodosec

    17 Nov 2025

    18 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. Two ZDI-disclosed bugs (CVE-2025-11001 & CVE-2025-11002) in 7-Zip's Linux-to-Windows symlink handling allow unsafe path writes during extraction. Fixed in v25.00 with patched IsSafePath checks. #7ZipBugs #LinuxSecurity #USA https://t.co/5NYfSIIQp8

    @TweetThreatNews

    8 Nov 2025

    26 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  5. 7-Zip Vulnerability: New CVEs Allow Remote Code Execution and File Overwrites Two new vulnerabilities (CVE-2025-11001 and CVE-2025-11002) have been discovered in 7-Zip, one of the most widely used file archivers on Windows. These flaws allow attackers to perform directory https:

    @john_video

    26 Oct 2025

    57 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. 7-Zip Vulnerability: New CVEs Allow Remote Code Execution and File Overwrites Two new vulnerabilities (CVE-2025-11001 and CVE-2025-11002) have been discovered in 7-Zip, one of the most widely used file archivers on Windows. These flaws allow attackers to perform directory https:

    @john_video

    25 Oct 2025

    44 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  7. In this episode of IT SPARC Cast - CVE of The Week, @john_Video and @loudoggeek unpack a fresh pair of vulnerabilities affecting one of the most common tools on Windows desktops — 7-Zip. Tracked as CVE-2025-11001 and CVE-2025-11002, these directory traversal flaws allow https:

    @ITSPARCCast

    24 Oct 2025

    69 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    1 Quote

  8. Critical alert: Two high-severity 7-Zip vulnerabilities (CVE-2025-11001 & CVE-2025-11002) allow arbitrary code execution via symbolic link manipulation in ZIP files. Versions 21.02–24.09 affected. Update to 25.01+ immediately. A public PoC is already available. Don't wait.

    @ctrlaltnod

    21 Oct 2025

    84 Impressions

    1 Retweet

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. 🛑 Deux nouvelles failles de sécurité découvertes dans 7-Zip - Quels sont les risques ? Comment se protéger ? 🩹 CVE-2025-11001 🩹 CVE-2025-11002 🧷 Tous les détails sur IT-Connect : https://t.co/Nu0P2E8WfX #7zip #windows #infosec https://t.co/1CiwRJBC1I

    @ITConnect_fr

    21 Oct 2025

    612 Impressions

    13 Retweets

    9 Likes

    4 Bookmarks

    0 Replies

    0 Quotes

  10. Windows users should update 7-Zip to version 25.00 or later to fix two significant “path traversal” vulnerabilities (CVE-2025-11001 and CVE-2025-11002) that can allow remote code execution, caused by the handling of symbolic links in ZIP files. https://t.co/pnCF7Kthky https:/

    @AlternativeTo

    20 Oct 2025

    2923 Impressions

    20 Retweets

    62 Likes

    17 Bookmarks

    1 Reply

    0 Quotes

  11. [1day1line] CVE-2025-11001, CVE-2025-11002: Symbolic-link handling bugs in 7-Zip leading to Arbitrary File Write / RCE potential Today’s 1day1line: 7-Zip’s ZIP extraction logic misparse Linux/WSL-style links and mistakenly treat them as Windows absolute paths, causing an htt

    @hackyboiz

    19 Oct 2025

    1829 Impressions

    5 Retweets

    29 Likes

    16 Bookmarks

    0 Replies

    0 Quotes

  12. 🚨 7-Zip PoC exploit published — two symlink-handling RCEs (CVE-2025-11001, CVE-2025-11002) in 7-Zip ≤24.09. A crafted ZIP with malicious symlinks can cause directory traversal / symlink substitution during extraction, allowing arbitrary file writes outside the target folde

    @Ind_Cyber_News

    19 Oct 2025

    80 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. 🚨 A public PoC exploit for 7-Zip flaws (CVE-2025-11001, CVE-2025-11002) is out — enabling file writes & possible code execution. Update to 7-Zip 25.00 now! ⚠️ Read More: https://t.co/c2thCsNh1g #CyberSecurity #7Zip #PatchNow https://t.co/3CMk8S7ctc

    @FindSecCyber

    18 Oct 2025

    58 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. GitHub - pacbypass/CVE-2025-11001: Exploit for CVE-2025-11001 or CVE-2025-11002 https://t.co/SqAe7wZp9U

    @akaclandestine

    15 Oct 2025

    3283 Impressions

    9 Retweets

    50 Likes

    22 Bookmarks

    0 Replies

    0 Quotes

  15. GitHub - pacbypass/CVE-2025-11001: Exploit for CVE-2025-11001 or CVE-2025-11002 - https://t.co/zzw84tPE13

    @piedpiper1616

    15 Oct 2025

    2485 Impressions

    18 Retweets

    37 Likes

    16 Bookmarks

    0 Replies

    0 Quotes

  16. Se han identificado dos vulnerabilidades críticas en #7Zip (CVE-2025-11001 y CVE-2025-11002) que permiten ejecución remota de código mediante archivos ZIP manipulados. Afectan versiones anteriores a la 25.01 y requieren actualización inmediata https://t.co/jigpLnryUn https://

    @henryraul

    14 Oct 2025

    131 Impressions

    10 Retweets

    10 Likes

    1 Bookmark

    1 Reply

    1 Quote

  17. Our Co-CTO @Ga_ryo_ and our pentesting AI agent, Takumi, have discovered arbitrary code execution vulnerabilities in 7-Zip. CVE-2025-11001: https://t.co/XowVByWd9A CVE-2025-11002: https://t.co/xBTZsI0boN Please refer to the advisories and take appropriate measures.

    @flatt_sec_en

    14 Oct 2025

    1511 Impressions

    2 Retweets

    6 Likes

    1 Bookmark

    0 Replies

    1 Quote

  18. 7-ZipにZIP解凍時のパストラバーサル 脆弱性(CVE-2025-11001,CVE-2025-11002)、今すぐアップデートを https://t.co/fB76uT0BLl #セキュリティ対策Lab #セキュリティ #Security

    @securityLab_jp

    13 Oct 2025

    102 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  19. ⚠️Vulnerabilidades en 7-Zip ❗CVE-2025-11001 ❗CVE-2025-11002 ➡️Más info: https://t.co/kKWBT4jtsa https://t.co/fIJa3n25GE

    @CERTpy

    13 Oct 2025

    114 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  20. 🚨7-Zip CVE-2025-11002 Detection https://t.co/YzTo1xLS1X A KQL query designed to monitor for potential exploitation of CVE-2025-11002 a directory traversal vulnerability in 7-Zip until the affected infrastructure is fully patched and secured. https://t.co/KlIqvU8d8S https://

    @0x534c

    12 Oct 2025

    9115 Impressions

    37 Retweets

    154 Likes

    64 Bookmarks

    2 Replies

    1 Quote

  21. 壓縮工具 7-Zip 存在高風險漏洞 (CVE-2025-11001, CVE-2025-11002)。 風險:解壓縮惡意 ZIP 檔,可能導致遠端程式碼執行。 主因:7-Zip 缺乏自動更新機制,大量用戶仍在使用舊的、有漏洞的版本。 解法:請立即手動前往

    @Easy2Tips

    12 Oct 2025

    199 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  22. 🚨 Dos vulnerabilidades críticas en 7-Zip ⚠️ CVE-2025-11001 ⚠️ CVE-2025-11002 https://t.co/ab04trVtBO https://t.co/MxO228J5V5

    @elhackernet

    12 Oct 2025

    25978 Impressions

    81 Retweets

    372 Likes

    95 Bookmarks

    4 Replies

    7 Quotes

  23. 🛡️ Abrir el archivo equivocado en 7-Zip puede comprometer tu red Dos vulnerabilidades graves (CVE-2025-11001 y CVE-2025-11002) afectan a todas las versiones de 7-Zip anteriores a la 25.00. Permiten a un atacante ejecutar código malicioso al manipular cómo se procesan en

    @CycuraMX

    11 Oct 2025

    2252 Impressions

    14 Retweets

    34 Likes

    16 Bookmarks

    1 Reply

    0 Quotes

  24. Flaws (CVE-2025-11001 & CVE-2025-11002) in 7-Zip allow attackers to gain RCE by exploiting directory traversal via malicious ZIP files. Update immediately to v25.00. #7Zip #RCE #Cybersecurity #ZipFlaw #ZDI https://t.co/2ovXgisOfC

    @the_yellow_fall

    11 Oct 2025

    262 Impressions

    4 Retweets

    3 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  25. 🚨CVE-2025-11002 and CVE-2025-11001: 7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability CVSS: 7.0 / 7.0 Advisory: https://t.co/RYUZ5EoBlH and https://t.co/shEWNSXUQv Fixed in 7-Zip 25.00

    @DarkWebInformer

    10 Oct 2025

    6158 Impressions

    9 Retweets

    49 Likes

    16 Bookmarks

    2 Replies

    1 Quote

  26. ⚠️ Per chi fosse interessato: vulnerabilità ( CVE-2025-11001 e CVE-2025-11002) in #7Zip consentono agli aggressori di eseguire codice arbitrario da remoto. Aggiornamento alla versione 25.00 disponibile. 🔗 https://t.co/k2vcZGHfNp https://t.co/fLvlveEUHd

    @sonoclaudio

    10 Oct 2025

    307 Impressions

    0 Retweets

    6 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  27. 7-Zipで深刻な任意コード実行の脆弱性が修正。CVE-2025-11001とCVE-2025-11002はCVSSスコア7.0。シンボリックリンクリンクの取扱いに起因。バージョン25.00で修正。GMO Flatt SecurityのRyota Shiga氏がTakumiで発見。 https://t.co/O4W

    @__kokumoto

    10 Oct 2025

    1183 Impressions

    6 Retweets

    11 Likes

    4 Bookmarks

    0 Replies

    0 Quotes

  28. 🚨 7-Zip Vulnerabilities Allow Remote Code Execution Two critical flaws (CVE-2025-11001 & CVE-2025-11002). ✅ By exploiting symbolic links in archives, attackers can execute arbitrary code - patch immediately 🎯 🔗 https://t.co/dPuEkTc7tz #CyberSecurity #News

    @MME_IT

    10 Oct 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  29. 7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability (CVE-2025-11002) #7Zip #CVE202511002 #CyberSecurity #RemoteCodeExecutionVulnerability https://t.co/AjeClSpRUo https://t.co/4ROsAdfUIz

    @SystemTek_UK

    9 Oct 2025

    46 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.