CVE-2018-10115 is the identifier of the most recent security vulnerability discovered in 7-Zip; it affects all versions of the program prior to 18.05.
More about 7-Zip
7-Zip is a free open-source archiver with a high compression ratio. The program is released under the GNU LGPL and BSD 3-clause licenses and can be used by both home and enterprise users. “You can use 7-Zip on any computer, including a computer in a commercial organization. You don’t need to register or pay for 7-Zip,” its website says.
7-Zip has been around for almost two decades since its initial release in 1999. Its last stable release was on April 30, 2018, which is 7-Zip version 18.05.
More about CVE-2018-10115
Here is the official description of the vulnerability:
Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage of uninitialized memory, allowing remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive.
As mentioned, successful exploitation of this vulnerability could allow attackers to execute arbitrary code on vulnerable systems. Depending on the privileges associated with the user, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights, CIS researchers said.
Note that accounts configured with fewer user rights on the system may be less impacted than those that operate with administrative rights.
The worst part is that CVE-2018-10115 affects all the versions of 7-Zip prior to its latest stable release, 18.05.
Who is at risk? Large and small government entities are at high risk of exploitation, as are small, medium and large businesses, and home users.
Fortunately, researchers say there are currently no reports of this vulnerability being exploited in the wild. Nevertheless, countermeasures should be taken.
How to Counter CVE-2018-10115?
Researchers recommend the following actions:
- Apply appropriate updates provided by 7-Zip to vulnerable systems, immediately after appropriate testing.
- Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.
- Apply the Principle of Least Privilege to all systems and services.
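As an added example (not code from the article or from the 7-Zip project), the following Python script applies the first recommendation at scale: it parses 7-Zip version strings from an asset inventory and flags every host running anything older than 18.05, the release that fixes CVE-2018-10115. The inventory records below are constructed for illustration; how version strings are collected from real hosts is left to your inventory tooling.

```python
"""Inventory check for CVE-2018-10115: flag 7-Zip installs older than 18.05.

Added example, not from the article or the 7-Zip project. It assumes an
inventory export listing hosts and their installed 7-Zip version strings;
the sample records below are constructed for illustration.
"""
import re
from typing import List, Optional, Tuple

# First 7-Zip release containing the fix for CVE-2018-10115 (per the article).
FIXED_VERSION = (18, 5)

# 7-Zip versions look like "9.20", "16.04", "18.03" or "18.00 beta".
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)")


def parse_version(text: str) -> Optional[Tuple[int, int]]:
    """Turn a 7-Zip version string into a comparable (major, minor) tuple.
    Returns None if the string does not start with 'major.minor'."""
    m = _VERSION_RE.match(text)
    if not m:
        return None
    return int(m.group(1)), int(m.group(2))


def is_vulnerable(version: str) -> Optional[bool]:
    """True if the version is older than 18.05 (affected), False if it is
    18.05 or newer, None if the string could not be parsed (needs review)."""
    parsed = parse_version(version)
    if parsed is None:
        return None
    return parsed < FIXED_VERSION


# Constructed inventory: (hostname, version string as reported by the host).
SAMPLE_INVENTORY: List[Tuple[str, str]] = [
    ("ws-01", "18.05"),
    ("ws-02", "18.03"),
    ("ws-03", "9.20"),
    ("ws-04", "18.06"),
    ("ws-05", "unknown"),
]


def find_affected(inventory: List[Tuple[str, str]]) -> Tuple[List[str], List[str]]:
    """Return (hosts on an affected version, hosts whose version needs manual review)."""
    affected: List[str] = []
    review: List[str] = []
    for host, version in inventory:
        result = is_vulnerable(version)
        if result is None:
            review.append(host)
        elif result:
            affected.append(host)
    return affected, review


if __name__ == "__main__":
    affected, review = find_affected(SAMPLE_INVENTORY)
    print("Affected (update to 18.05 or later):", affected)
    print("Needs manual review:", review)
```

Unparseable version strings are reported separately rather than silently treated as safe, so a host with a missing or malformed inventory record still gets looked at.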