Purported 7-Zip zero-day vulnerability dismissed

Igor Pavlov, creator of the open-source file archiver 7-Zip, has said the software is not affected by any security issue after verified X user @NSA_Employee39 purportedly leaked a zero-day in the archiver that could allegedly be exploited for arbitrary code execution, according to Security Affairs.

The purported vulnerability, claimed to use a custom .7z archive with an atypical LZMA stream to cause an RC_NORM buffer overflow, has been dismissed by Pavlov as a fake that involved artificial intelligence-generated code.

"...[T]here is no RC_NORM function in LZMA decoder. Instead, 7-Zip contains RC_NORM macro in LZMA encoder and PPMD decoder. Thus, the LZMA decoding code does not call RC_NORM. And the statement about RC_NORM in the exploit comment is not true," said Pavlov.

The veracity of the zero-day has also been questioned by other experts, including @LowLevelTweets on X.

"Been messing with this PoC for over an hour and can't get it to do anything. No crashes, no hangs. Doesn't timeout," he said.
