Skip to content
Auto-CTI
Back to today
HIGH A3

[UPDATE] 7-Zip: Multiple Vulnerabilities

A BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) ·

Admiralty grading (A–F · 1–6)

Source reliability

  • A Completely reliable
  • B Usually reliable
  • C Fairly reliable
  • D Not usually reliable
  • E Unreliable
  • F Cannot be judged

Information credibility

  • 1 Confirmed
  • 2 Probably true
  • 3 Possibly true
  • 4 Doubtful
  • 5 Improbable
  • 6 Cannot be judged

NATO Admiralty (AJP-2.1) grades confidence, independent of the risk score. Cross-source corroboration isn't tracked for non-CVE news, so single-source items are capped at a lower credibility number; a low number does not imply low quality.

Key insight

The BSI warning describes multiple 7-Zip vulnerabilities without specific CVE numbers or CVSS scores; further details on exploitability and affected versions are required.

Description

The BSI has issued a warning regarding multiple vulnerabilities in 7-Zip. A remote, anonymous attacker can exploit these vulnerabilities to disclose memory contents, trigger denial-of-service conditions, or execute arbitrary code with the privileges of the affected user. The warning does not include detailed CVE identifiers or CVSS scores; it is recommended to consult the official BSI advisory for affected versions and patch timelines.

Risk score

20
cvss base
0.00
kev bonus
0.00
epss bonus
0.00
poc bonus
0.00
raw before weight
0.00
industry weight
1.21
freshness factor
1.00
exploitability factor
1.00
days old
0.00
vendor mismatch penalty
0.00

Path: operational

ESC