AI description
CVE-2025-55188 is a vulnerability found in 7-Zip versions before 25.01. It involves the improper handling of symbolic links during the extraction process. Specifically, 7-Zip does not always handle symbolic links correctly.
- Description
- 7-Zip before 25.01 does not always properly handle symbolic links during extraction.
- Source
- cve@mitre.org
- NVD status
- Analyzed
- Products
- 7-zip
CVSS 3.1
- Type
- Secondary
- Base score
- 3.6
- Impact score
- 1.4
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
- Severity
- LOW
- cve@mitre.org
- CWE-59
- Hype score
- Not currently trending
7z CVE-2025-55188 https://t.co/XlDwTtzOtN
@electrocode
12 Aug 2025
845 Impressions
0 Retweets
23 Likes
10 Bookmarks
0 Replies
0 Quotes
7-Zipに任意ファイル上書きの脆弱性。遠隔コード実行の可能性あり。CVE-2025-55188はCVSSスコア2.7で、アーカイブ展開時のシンボリックリンクの不適切な取扱い。報告者はMITREによるCVSSスコアは低すぎ、再評価を
@__kokumoto
12 Aug 2025
899 Impressions
3 Retweets
12 Likes
5 Bookmarks
0 Replies
0 Quotes
🚨 Critical 7-Zip vulnerability (CVE-2025-55188)! Attackers can write arbitrary files via malicious archives, risking code execution. Update to version 25.01 to stay safe! 🔒 #Cybersecurity #7Zip https://t.co/HqhZ3CIBbk
@_F2po_
11 Aug 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
GitHub - hunters-sec/CVE-2025-55188-7z-exploit: 7z exploit POC versions prior to 25.01 - https://t.co/sRsHrCb2n4
@piedpiper1616
11 Aug 2025
4589 Impressions
27 Retweets
75 Likes
45 Bookmarks
0 Replies
1 Quote
🚨 New 7-Zip flaw (CVE-2025-55188) lets attackers overwrite critical files via symbolic links. Patch to v25.01 ASAP. Details: https://t.co/ilTSALL2Eo #CyberSecurity #Infosec #7zip #CVE202555188 #Canada #CanadaCyberAwareness https://t.co/LEElsymw1x
@FindSecCyber
11 Aug 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
7-Zipにおけるシンボリックリンク処理不備の脆弱性(CVE-2025-55188、CVSS 2.7)が報告された。 7-Zip 25.01未満のバージョンでは、悪意あるアーカイブを展開する際に任意ファイル書き込みが可能となり、条件次第で
@yousukezan
11 Aug 2025
5402 Impressions
32 Retweets
62 Likes
30 Bookmarks
0 Replies
1 Quote
oss-sec: CVE-2025-55188: 7-Zip: Arbitrary file write on extraction, may lead to code execution https://t.co/qM61dtNZeW
@samilaiho
10 Aug 2025
486 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-55188: 7-Zip: Arbitrary file write on extraction, may lead to code execution https://t.co/pLRruFyzDj
@oss_security
10 Aug 2025
10210 Impressions
18 Retweets
86 Likes
52 Bookmarks
0 Replies
1 Quote
CVE-2025-55188 7-Zip before 25.01 does not always properly handle symbolic links during extraction. https://t.co/XAB9MfFw7a
@CVEnew
8 Aug 2025
437 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:7-zip:7-zip:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "01512B6C-29D9-4B82-8B99-0B3D44C4D5A1",
"versionEndExcluding": "25.01"
}
],
"operator": "OR"
}
]
}
]