AI description
CVE-2025-33028 is a Mark-of-the-Web (MotW) bypass vulnerability in WinZip (up to version 29.0 or 76.9, depending on the source). It stems from an incomplete fix for CVE-2024-8811. The vulnerability allows attackers to craft malicious archives that, when opened with WinZip, cause extracted files to lose the MotW tag. This tag is a Windows security feature that flags files downloaded from the internet, prompting a security warning before execution, especially for files containing macros or executables. Because WinZip strips the MotW tag, extracted malicious files are treated as trusted, local files. This allows malicious code within those files, such as macro-enabled Office documents or scripts, to execute without triggering the usual security alerts. An attacker could then execute arbitrary code within the context of the current user, potentially leading to malware installation, privilege escalation, or sensitive information disclosure. User interaction is required to exploit this vulnerability, as the target must open a malicious archive.
- Description: In WinZip through 29.0, there is a Mark-of-the-Web Bypass Vulnerability because of an incomplete fix for CVE-2024-8811. This vulnerability allows attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of archived files. When extracting files from a crafted archive that bears the Mark-of-the-Web, WinZip does not propagate the Mark-of-the-Web to the extracted files. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current user.
- Source: cve@mitre.org
- NVD status: Awaiting Analysis
CVSS 3.1
- Type: Secondary
- Base score: 6.1
- Impact score: 2.7
- Exploitability score: 2.8
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
- Severity: MEDIUM
- cve@mitre.org: CWE-830
- Hype score: Not currently trending
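📈 Data on 4.7 million people leaked from a US insurer to Google due to an analytics misconfiguration ⚠️ Zero-day vulnerability in WinZip that enables MOTW bypass: CVE-2025-33028 〜 Cyber Alert, April 24 〜 https://t.co/8OBHs6CzgM #Security #Intelligence #OSINT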
@MachinaRecord
24 Apr 2025
CVE-2025-33028: WinZip Flaw Exposes Users to Silent Code Execution via MotW Bypass, No Patch https://t.co/rLfrW08Sd2
@samilaiho
22 Apr 2025
CVE-2025-33028 (a WinZip vulnerability) may bypass the Windows security feature "Mark-of-the-Web (MotW)", creating a risk that malicious code is executed without warning.
@shojiueda
22 Apr 2025
A serious vulnerability (CVE-2025-33028) has been discovered in WinZip. It bypasses the Windows security feature "Mark-of-the-Web (MotW)" and may allow malicious code to be executed without warning.
@yousukezan
22 Apr 2025
CVE-2025-33028 Mark-of-the-Web Bypass Vulnerability in WinZip through 29.0 https://t.co/Tq5ImbMfmD
@VulmonFeeds
15 Apr 2025
CVE-2025-33028 In WinZip through 29.0, there is a Mark-of-the-Web Bypass Vulnerability because of an incomplete fix for CVE-2024-8811. This vulnerability allows attackers to bypass … https://t.co/KotTGh8EzG
@CVEnew
15 Apr 2025