Exploitation of WinRAR Vulnerability CVE-2025-8088

Exploitation of vulnerability in RARLab's WinRAR could allow an attacker to execute arbitrary code

Threat ID:: CC-4689
Threat Severity:: Medium
Published:: 11 August 2025 1:53 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Exploitation of vulnerability in RARLab's WinRAR could allow an attacker to execute arbitrary code

Affected platforms

The following platforms are known to be affected:

Versions: all prior to 7.13

RARLabs WinRAR

Threat details

Introduction

A directory traversal zero-day vulnerability within RARLabs WinRAR has been identified by ESET security researchers as CVE-2025-8088. This vulnerability affects the Windows version of WinRAR and successful exploitation could allow an attacker to execute arbitrary code by crafting malicious archive files.

Exploitation of CVE-2025-8088

CVE-2025-8088 has been observed being exploited in the wild. ESET is planning to release a report regarding the exploitation at a later date.

Remediation advice

Affected organisations are encouraged to review the WinRAR 7.13 release notes and install the latest version of RARLabs WinRAR.

Definitive source of threat updates

CVE Vulnerabilities

Status Published

CVE-2025-8088

A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET.

Last edited: 11 August 2025 1:53 pm