[Security Vulnerability Alert] WinRAR has a high-risk security vulnerability (CVE-2025-8088). Please confirm and patch it as soon as possible.

Announcement category: Administrative announcement
Publication date: 2025/08/19 to 2026/02/19

Forwarded from the National Information Security Information Sharing and Analysis Center (NISAC-200-202508-00000076)

[Description]
Researchers have discovered a path traversal vulnerability (CVE-2025-8088) in the Windows version of WinRAR. An unauthenticated remote attacker can exploit it by crafting a malicious archive and sending it in a phishing email. When the victim opens the archive, the malicious program is written to the Startup folder and runs automatically every time the computer starts. This vulnerability has already been exploited by attackers. Please check your systems and patch as soon as possible.
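
A defender-side check for the path-traversal pattern described above, as an added example that is not part of the original advisory and is not WinRAR's code: it resolves archive entry names against an extraction directory using Windows path rules and flags any that land outside it, marking those that reach a Startup folder. The function names, the sample directory and the entry names are constructed assumptions, and the check applies to any archive listing, not only RAR files.

```python
import ntpath  # Windows path semantics, usable on any OS

# Fragment shared by the per-user and all-users Startup folders on Windows.
STARTUP_FRAGMENT = r"\start menu\programs\startup"


def resolve_entry(dest_dir, entry_name):
    """Return the Windows path an entry lands on if joined to dest_dir naively."""
    # Archive formats may store either separator; normalise to backslashes.
    name = entry_name.replace("/", "\\")
    return ntpath.normpath(ntpath.join(dest_dir, name))


def audit_entries(dest_dir, entry_names):
    """Flag entries that escape dest_dir, noting any that reach a Startup folder."""
    root = ntpath.normcase(ntpath.normpath(dest_dir))
    findings = []
    for entry in entry_names:
        target = resolve_entry(dest_dir, entry)
        folded = ntpath.normcase(target)  # Windows paths are case-insensitive
        inside = folded == root or folded.startswith(root + "\\")
        if not inside:
            findings.append({
                "entry": entry,
                "resolves_to": target,
                "startup_folder": STARTUP_FRAGMENT in folded,
            })
    return findings


# Constructed sample data (not taken from any real archive).
SAMPLE_DEST = r"C:\Users\alice\Downloads\out"
SAMPLE_ENTRIES = [
    "docs/readme.txt",            # ordinary entry
    r"docs\..\notes.txt",         # contains '..' but stays inside dest
    r"..\..\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\example.lnk",
    r"C:\Windows\Temp\example.dll",  # absolute path ignores dest entirely
]

if __name__ == "__main__":
    for finding in audit_entries(SAMPLE_DEST, SAMPLE_ENTRIES):
        tag = "STARTUP" if finding["startup_folder"] else "outside"
        print(f"[{tag}] {finding['entry']} -> {finding['resolves_to']}")
```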

[Affected Platforms]
WinRAR for Windows versions 7.12 and earlier

[Recommended Action]
Please update WinRAR for Windows to version 7.13 or later.

[References]
1. https://nvd.nist.gov/vuln/detail/CVE-2025-8088
2. https://www.helpnetsecurity.com/2025/08/11/winrar-zero-day-cve-2025-8088
