NVD-CVE-2025-6218

Summary of CVE-2025-6218

CVE ID: CVE-2025-6218
Publication Date: June 20, 2025
Last Modified: June 20, 2025
Source: Zero-Day Initiative

Description

CVE-2025-6218 is a recently disclosed vulnerability in the RARLAB WinRAR application: a directory traversal flaw that enables remote code execution (RCE). It permits remote attackers to execute arbitrary code on systems running vulnerable versions of WinRAR. Exploitation requires user interaction, meaning the victim must either visit a malicious webpage or open a specially crafted file.

The specific issue lies in how WinRAR processes file paths within archive files. A crafted file path inside an archive can cause the application to traverse into unintended directories when the user interacts with it. This enables an attacker to run arbitrary code in the context of the currently logged-in user, which raises serious security concerns.
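As an added example (not code from the advisory, from NVD or from RARLAB), the kind of entry-name check an archive extractor needs to close this weakness class: a member is accepted only if its path cannot escape the chosen extraction directory, with a second check on the fully resolved path. The member names and the destination directory are constructed samples.

```python
import ntpath
import posixpath


def is_safe_member(name: str) -> bool:
    """Accept an archive entry name only if it stays inside the extraction directory.

    Rejects empty names, embedded NULs, absolute paths, Windows drive or UNC
    prefixes, and any name that climbs above the root after '.'/'..' normalisation.
    Both separators are handled because archives built on Windows carry '\\'.
    """
    if not name or "\x00" in name:
        return False
    if ntpath.splitdrive(name)[0]:          # "C:..." or "\\\\server\\share..."
        return False
    unix_style = name.replace("\\", "/")
    if unix_style.startswith("/"):
        return False
    norm = posixpath.normpath(unix_style)
    return norm != ".." and not norm.startswith("../")


def target_path(dest: str, name: str) -> str:
    """Independent second check: resolve the final path and confirm it is under dest."""
    if not is_safe_member(name):
        raise ValueError(f"refusing traversal entry: {name!r}")
    dest_abs = posixpath.normpath(dest)
    final = posixpath.normpath(posixpath.join(dest_abs, name.replace("\\", "/")))
    if posixpath.commonpath([dest_abs, final]) != dest_abs:
        raise ValueError(f"resolved outside {dest_abs}: {final}")
    return final


def filter_members(dest: str, names: list) -> tuple:
    """Split a member list into (accepted target paths, rejected entry names)."""
    accepted, rejected = [], []
    for n in names:
        try:
            accepted.append(target_path(dest, n))
        except ValueError:
            rejected.append(n)
    return accepted, rejected


# Constructed sample member list; not taken from any real archive.
SAMPLE_MEMBERS = [
    "report/summary.txt",          # ordinary relative entry: accepted
    "report/img/../logo.png",      # '..' that still stays inside: accepted
    "../../outside.txt",           # climbs above the extraction root: rejected
    "..\\..\\outside.txt",         # same, Windows separators: rejected
    "C:\\absolute\\path.txt",      # drive-letter absolute path: rejected
    "/etc/passwd",                 # POSIX absolute path: rejected
]
```

Running `filter_members("/home/user/extract", SAMPLE_MEMBERS)` accepts the first two entries and rejects the remaining four.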

CVSS Scoring

The vulnerability has metrics associated with different versions of the Common Vulnerability Scoring System (CVSS):

  • CVSS 4.0: No severity rating or vector string has been listed yet for this version.

  • CVSS 3.x:

    • Attack Vector: Local (AV:L)
    • Attack Complexity: Low (AC:L)
    • Privileges Required: None (PR:N)
    • User Interaction: Required (UI:R)
    • Scope: Unchanged (S:U)
    • Confidentiality Impact: High (C:H)
    • Integrity Impact: High (I:H)
    • Availability Impact: High (A:H)
  • CVSS 2.0: Scoring details have not been fully provided; the entry is generally regarded as high severity given the required user interaction and the potential impact.

CWE Enumeration

The vulnerability has been categorized under Common Weakness Enumeration (CWE) as:

  • CWE-22: Inadequate Limitation of a Pathname to a Restricted Directory ("Directory Traversal"). This classification indicates that file paths are not carefully validated and constrained before use.

References and Additional Information

  • WinRAR Advisory: The official WinRAR communication about this vulnerability can be accessed here.
  • Zero-Day Initiative Advisory: Further details are available on the Zero-Day Initiative advisory page.

Change History

The history of changes related to this CVE indicates that the vulnerability entry was created on June 20, 2025, and the details have been updated to include comprehensive descriptions, CVSS scores, and additional references.

Conclusion

CVE-2025-6218 signifies a critical vulnerability within RARLAB’s WinRAR that requires immediate attention. Users are cautioned to avoid opening unknown files or visiting untrusted links, as attackers can exploit this vulnerability to execute malicious code. System administrators are strongly recommended to stay updated on patches and enhancements from WinRAR to mitigate risks associated with this vulnerability.
