AI description
CVE-2025-8088 is a path traversal vulnerability affecting the Windows version of WinRAR. It allows attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild. It was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET. The vulnerability was exploited in phishing attacks to deliver RomCom malware. The attackers can trick the program into saving a file in a different location than the user intended, such as the computer's Startup folder. This allows the attackers to execute their own code. WinRAR patched the vulnerability in version 7.13.
- Description
- A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET.
- Source
- security@eset.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 8.4
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
- security@eset.com
- CWE-35
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
38
WinRAR users: Patch now! A zero-day flaw (CVE-2025-8088) is being exploited in phishing attacks to drop RomCom malware. Update to v7.13 immediately to prevent attackers from planting malicious files in your startup folder. Details: https://t.co/xMHhzgq2Yo
@RedTeamNewsBlog
10 Aug 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2017-5689 2 - CVE-2025-31324 3 - CVE-2025-8088 4 - CVE-2025-4609 5 - CVE-2024-50264 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
10 Aug 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
WinRAR 7.12以前に脆弱性『CVE-2025-8088』。マルウェア感染の恐れ。7.13へアップデートを | ニッチなPCゲーマーの環境構築Z https://t.co/T8vAdhX8VD
@yukikaze_62
10 Aug 2025
5 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🔴 Urgent Warning: Dangerous WinRAR Bug Reactivated – Update Now! ▪️ A new vulnerability identified as CVE-2025-8088 has been discovered in WinRAR, which hackers are using to spread RomCom malware. The alarming part is that this attack can be executed even on Windows sys
@Xai_ir
10 Aug 2025
84 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
WinRAR 7.12以前に脆弱性『CVE-2025-8088』。マルウェア感染の恐れ。7.13へアップデートを | ニッチなPCゲーマーの環境構築Z https://t.co/uYlffzhtYP 有名なソフトほど狙われるから注意しないと
@KEIGONT161248
10 Aug 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-8088
@transilienceai
10 Aug 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
WinRAR 7.12以前に脆弱性『CVE-2025-8088』。マルウェア感染の恐れ。7.13へアップデートを | ニッチなPCゲーマーの環境構築Z https://t.co/8F53r52WR6
@rizeruto_z
10 Aug 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
WinRAR 7.12以前に脆弱性『CVE-2025-8088』。マルウェア感染の恐れ。7.13へアップデートを | ニッチなPCゲーマーの環境構築Z https://t.co/r5rrJnOLLV
@Luke06121
10 Aug 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
WinRAR 7.12以前に脆弱性『CVE-2025-8088』。マルウェア感染の恐れ。7.13へアップデートを | ニッチなPCゲーマーの環境構築Z https://t.co/H0dBen8a1B
@hat2012
10 Aug 2025
102 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
WinRARの脆弱性(CVE-2025-8088)を悪用したRomComマルウェア ゼロデイ的に利用されたWinRAR脆弱性を使い、RomComというマルウェアをフィッシング経由でインストールする被害が増加中 https://t.co/54Uyxu1EwI
@shampoo_101_
9 Aug 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
WinRAR Zero-Day CVE-2025-8088 Exploited to Spread RomCom Malware https://t.co/1BI6jDoFZT via @HackRead
@MarcusKroppIII
9 Aug 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical WinRAR flaw CVE-2025-8088 exploited by Russia-linked hackers to spread RomCom malware. Update to version 7.13 now! https://t.co/kxHclEpTxr
@not2cleverdotme
9 Aug 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
WinRAR Zero-Day CVE-2025-8088 Exploited to Spread RomCom Malware #cybersecurity #cloud #privacy https://t.co/DvLJysDN82
@NRG_fx
9 Aug 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
WinRAR Zero-Day CVE-2025-8088 Exploited to Spread RomCom Malware https://t.co/vJkAQ6Uum2
@Dinosn
9 Aug 2025
3983 Impressions
11 Retweets
39 Likes
16 Bookmarks
1 Reply
0 Quotes
⚠️ WinRAR 0day abused in phishing to deploy RomCom malware WinRAR’s zero-day flaw (CVE-2025-8088), fixed in v7.13, was used in phishing RAR files to drop executables into Startup folders, triggering RomCom malware on login. RomCom (aka UNC2596) is a Russia-linked group b
@ransomnews
9 Aug 2025
12271 Impressions
47 Retweets
156 Likes
75 Bookmarks
0 Replies
2 Quotes
HackRead: Critical #WinRAR flaw CVE-2025-8088 exploited by Russia-linked hackers to spread RomCom malware, update to version 7.13 NOW! Read: https://t.co/YGVtgm65Np #CyberSecurity #0day #Vulnerability #RomCom #Malware
@MrsYisWhy
9 Aug 2025
82 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
WinRARの脆弱性CVE-2025-8088を使用してRomComマルウェアをインストールさせるフィッシング攻撃について。CVE-2025-8088はディレクトリトラバーサルの脆弱性で、バージョン7.1.3で修正されている。 https://t.co/JmDG6oVQTn
@__kokumoto
9 Aug 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
WinRAR zero-day exploited to plant malware on archive extraction A recently fixed WinRAR vulnerability tracked as CVE-2025-8088 was exploited as a zero-day in phishing attacks to instal : https://t.co/WtlO3rB128 #blog #digitpatrox
@DigitpatroxOff
9 Aug 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
في تحذير أمني عاجل من شركة "إيست"، كشفت عن ثغرة خطيرة (CVE-2025-8088) في برنامج "وين رار"، يستغلها قراصنة لنشر برمجيات خبيثة عبر استغلال مكتبة "UNRAR.dll" لكتابة ملفات
@abnabdullah5
9 Aug 2025
276 Impressions
0 Retweets
2 Likes
2 Bookmarks
0 Replies
0 Quotes
Phishing attacks exploit WinRAR flaw CVE-2025-8088 to install RomCom https://t.co/K7fY0EU7Ji WinRAR flaw CVE-2025-8088, fixed in v7.13, was exploited as a zero-day in phishing attacks to install RomCom malware. The WinRAR flaw CVE-2025-8088, a directory traversal bug fixed i
@f1tym1
9 Aug 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Phishing attacks exploit WinRAR flaw CVE-2025-8088 to install RomCom https://t.co/lSgwnsdW5V
@hackplayers
9 Aug 2025
946 Impressions
2 Retweets
2 Likes
2 Bookmarks
1 Reply
0 Quotes
Phishing attacks exploit WinRAR flaw CVE-2025-8088 to install RomCom https://t.co/3c5RTljjKW #BreakingNews https://t.co/25CnhSvtae
@evanderburg
9 Aug 2025
156 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
🚨 CVE-2025-8088: WinRAR Zero-Day Used to Deploy RomCom Backdoors ESET has identified spearphishing campaigns leveraging malicious RAR attachments to exploit CVE-2025-8088—a WinRAR zero-day vulnerability. This technique delivers RomCom backdoors, attributed to threat actor h
@0x534c
9 Aug 2025
9500 Impressions
31 Retweets
106 Likes
90 Bookmarks
4 Replies
0 Quotes
🚨 WinRAR zero-day (CVE-2025-8088) exploited in phishing attacks to deploy RomCom malware, highlighting the importance of prompt software updates. https://t.co/85RqHrpMCx
@not2cleverdotme
9 Aug 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A recently fixed zero-day flaw in WinRAR, tracked as CVE-2025-8088, was reportedly exploited by hackers in phishing attacks to install the RomCom malware. #CyberSecurity #WinRAR https://t.co/Kodn3DLPL9
@Cyber_O51NT
9 Aug 2025
467 Impressions
0 Retweets
5 Likes
1 Bookmark
0 Replies
0 Quotes
WinRAR zero-day vulnerability CVE-2025-8088 exploited by Russia-linked RomCom group to deploy malware via malicious RAR files extracting to attacker-controlled paths. Fixed in WinRAR 7.13 but requires manual update. #RomCom #WinRARUpdate #Russia https://t.co/pd9HDEn6jj
@TweetThreatNews
8 Aug 2025
144 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical WinRAR vulnerability, CVE-2025-8088, has been exploited by RomCom hackers in phishing attacks, resulting in the installation of malware. Discover the details of this zero-day flaw and its implications for cybersecurity. Read more here: https://t.co/vNZESORIaV
@trubetech
8 Aug 2025
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
nooo not the winrar 😱 🟧 CVE-2025-8088, CVSS: 8.4 (High) WinRAR version prior to 7.12 Path traversal vulnerability in the Windows version of WinRAR. Attackers can execute arbitrary code by crafting malicious archive files. 🚨This vulnerability has been exploited in th
@UjlakiMarci
8 Aug 2025
219 Impressions
2 Retweets
2 Likes
1 Bookmark
1 Reply
0 Quotes
⚠️ Critical WinRAR RCE (CVE-2025-8088) is being actively exploited! Attackers are using crafted archives to execute code via a path traversal flaw. Update WinRAR to the latest version NOW to secure your systems. Don't be a target! #WinRAR #Cybersecurity https://t.co/jcu9eETv
@fernandokarl
8 Aug 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-8088 A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerab… https://t.co/I5sQLIopU3
@CVEnew
8 Aug 2025
676 Impressions
0 Retweets
4 Likes
1 Bookmark
0 Replies
0 Quotes