CVE-2018-10115 is the identifier of the latest security vulnerability discovered in 7-Zip. It affects all versions of the program prior to 18.05, the release that fixes it.
More about 7-Zip
7-Zip is a free open-source archiver with a high compression ratio. The program is under the License of GNU LGPL & BSD 3-clause and can be used both by home and enterprise users. “You can use 7-Zip on any computer, including a computer in a commercial organization. You don’t need to register or pay for 7-Zip,” its website says.
7-Zip has been around for almost two decades since its initial release in 1999. Its latest stable release, version 18.05, was published on April 30, 2018.
More about CVE-2018-10115
Here is the official description of the vulnerability:
Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage of uninitialized memory, allowing remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive.
In other words, successful exploitation could allow an attacker to execute arbitrary code on a vulnerable system in the context of the user who opens the crafted archive. Depending on the privileges associated with the user, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights, CIS researchers said.
Note that accounts configured with fewer user rights on the system are less affected than those that operate with administrative rights.
The worst part is that CVE-2018-10115 affects all the versions of 7-Zip prior to its latest stable release, 18.05.
Who is at risk? Large and small government entities are at high risk of exploitation, as are small, medium and large businesses, and home users.
Fortunately, researchers say there are currently no reports of this vulnerability being exploited in the wild. Nonetheless, countermeasures should be taken.
How to Counter CVE-2018-10115?
Researchers recommend the following actions:
- Apply appropriate updates provided by 7-Zip to vulnerable systems, immediately after appropriate testing.
- Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.
- Apply the Principle of Least Privilege to all systems and services.
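Applying the first recommendation across a fleet starts with knowing which hosts still run an affected build. The script below is an added example (it is not code from the article or from the 7-Zip project): it parses the first line of the `7z` banner, or an installer's version string, and flags anything older than 18.05. The comparison is numeric because a naive string comparison ranks "9.20" above "18.05". The host names and banner lines in `SAMPLE_INVENTORY` are constructed for the example, and the assumption that 7-Zip versions always appear as a "major.minor" pair with a two-digit minor is my own.

```python
import re
from typing import Dict, List, Optional, Tuple

# First release that fixes CVE-2018-10115; the advisory says 18.03 and before are affected.
FIXED_VERSION: Tuple[int, int] = (18, 5)

# Assumption: 7-Zip versions always print as "major.minor" with a two-digit minor
# (e.g. "9.20", "16.04", "18.05"). The regex picks the first such pair out of a
# banner line or a bare version string; years and dates in the banner have no dot,
# so they do not match.
_VERSION_RE = re.compile(r"\b(\d{1,2})\.(\d{2})\b")


def parse_version(text: str) -> Optional[Tuple[int, int]]:
    """Return (major, minor) from a 7-Zip banner or version string, or None if absent."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    return int(m.group(1)), int(m.group(2))


def is_vulnerable(text: str) -> Optional[bool]:
    """True if the version is 18.03 or earlier, False if 18.05 or later, None if unparseable.

    Tuples compare element-wise, so (9, 20) < (18, 5) is True, which is what we want;
    comparing the raw strings "9.20" < "18.05" would be False.
    """
    version = parse_version(text)
    if version is None:
        return None
    return version < FIXED_VERSION


# Constructed sample inventory: hostname -> first banner line captured from `7z`.
# These are not real hosts; the banner layout mimics what 7-Zip prints on start-up.
SAMPLE_INVENTORY: Dict[str, str] = {
    "ws-01": "7-Zip 18.05 (x64) : Copyright (c) 1999-2018 Igor Pavlov : 2018-04-30",
    "ws-02": "7-Zip [64] 16.04 : Copyright (c) 1999-2016 Igor Pavlov : 2016-10-04",
    "ws-03": "7-Zip 9.20  Copyright (c) 1999-2010 Igor Pavlov  2010-11-18",
    "ws-04": "7-Zip 18.03 (x64) : Copyright (c) 1999-2018 Igor Pavlov : 2018-03-04",
    "ws-05": "bash: 7z: command not found",  # no 7-Zip installed; not flagged
}


def audit(inventory: Dict[str, str]) -> List[str]:
    """Return the sorted list of hosts whose 7-Zip build is affected by CVE-2018-10115."""
    return sorted(host for host, banner in inventory.items() if is_vulnerable(banner))


if __name__ == "__main__":
    for host in audit(SAMPLE_INVENTORY):
        major, minor = parse_version(SAMPLE_INVENTORY[host])
        print(f"{host}: 7-Zip {major}.{minor:02d} is affected, update to 18.05")
```

Hosts that return None (no parseable banner) are deliberately not reported as vulnerable, but they are also not proven clean; in a real audit, list them separately rather than silently dropping them. The check only covers the update recommendation; running 7-Zip as a non-privileged user remains a separate control.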