Actively exploited vulnerability

CVE-2023-38831: RARLAB WinRAR Code Execution Vulnerability

RARLAB WinRAR contains an unspecified vulnerability that allows an attacker to execute code when a user attempts to view a benign file within a ZIP archive.

CISA KEV source 24 Aug 2023 added 14 Sep 2023 remediation due

Affected product

RARLAB ยท WinRAR

Known ransomware use: Known

Required action

Follow the source advisory and validate exposure in your environment.

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Related Yasna coverage

Recent reporting that mentions CVE-2023-38831.

Bleeping Computer24 Aug 2023

WinRAR zero-day exploited since April to hack trading accounts

A WinRar zero-day vulnerability tracked as CVE-2023-38831 was actively exploited to install malware when clicking on harmless files in an archive, allowing the hackers to breach online cryptocurrency trading accounts. [...]