CVE-2023-38831

RARLAB WinRAR Code Execution Vulnerability

Severity Score

7.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

Yes

*KEV

Decision

Act

*SSVC

Descriptions

RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.

WinRAR version 6.22 suffers from a remote code execution vulnerability via a malicious zip archive.

RARLAB WinRAR contains an unspecified vulnerability that allows an attacker to execute code when a user attempts to view a benign file within a ZIP archive.

*Credits: N/A

CVSS Scores

NISTv3.1 7.8

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Act

Exploitation

Active

Automatable

Tech. Impact

Total

* Organization's Worst-case Scenario

Timeline

2023-07-25 CVE Reserved
2023-08-23 CVE Published
2023-08-24 Exploited in Wild
2023-08-27 First Exploit
2023-09-14 KEV Due Date
2024-08-02 CVE Updated
2024-10-19 EPSS Updated

CWE

CWE-351: Insufficient Type Distinction

CAPEC

References (39)

URL	Tag	Source
https://news.ycombinator.com/item?id=37236100	Issue Tracking
https://b1tg.github.io/post/cve-2023-38831-winrar-analysis

URL	Date	SRC
https://github.com/b1tg/CVE-2023-38831-winrar-exploit	2023-11-26
https://github.com/ignis-sec/CVE-2023-38831-RaRCE	2023-08-27
https://github.com/Malwareman007/CVE-2023-38831	2023-09-12
https://github.com/MorDavid/CVE-2023-38831-Winrar-Exploit-Generator-POC	2023-08-31
https://github.com/ahmed-fa7im/CVE-2023-38831-winrar-expoit-simple-Poc	2023-08-28
https://github.com/xaitax/WinRAR-CVE-2023-38831	2023-09-08
https://github.com/z3r0sw0rd/CVE-2023-38831-PoC	2023-09-01
https://github.com/ameerpornillos/CVE-2023-38831-WinRAR-Exploit	2023-09-12
https://github.com/Mich-ele/CVE-2023-38831-winrar	2023-09-01
https://github.com/sh770/CVE-2023-38831	2023-08-30
https://github.com/Fa1c0n35/CVE-2023-38831-winrar-exploit	2023-08-30
https://github.com/h3xecute/SideCopy-Exploits-CVE-2023-38831	2023-11-01
https://github.com/MortySecurity/CVE-2023-38831-Exploit-and-Detection	2023-08-29
https://github.com/GOTonyGO/CVE-2023-38831-winrar	2023-09-07
https://github.com/HDCE-inc/CVE-2023-38831	2024-08-04
https://github.com/knight0x07/WinRAR-Code-Execution-Vulnerability-CVE-2023-38831	2023-08-28
https://github.com/PascalAsch/CVE-2023-38831-KQL	2023-08-28
https://github.com/malvika-thakur/CVE-2023-38831	2023-09-21
https://github.com/IR-HuntGuardians/CVE-2023-38831-HUNT	2023-08-27
https://github.com/kehrijksen/CVE-2023-38831	2023-10-24
https://github.com/ruycr4ft/CVE-2023-38831	2023-10-12
https://github.com/IMHarman/CVE-2023-38831	2023-09-15
https://github.com/SpamixOfficial/CVE-2023-38831	2023-12-20
https://github.com/an040702/CVE-2023-38831	2023-09-17
https://github.com/Nielk74/CVE-2023-38831	2023-10-21
https://github.com/thegr1ffyn/CVE-2023-38831	2023-08-29
https://github.com/asepsaepdin/CVE-2023-38831	2023-09-03
https://github.com/RomainBayle08/CVE-2023-38831	2024-04-06
https://github.com/MyStuffYT/CVE-2023-38831-POC	2024-03-01
https://github.com/Hirusha-N/CVE-2021-34527-CVE-2023-38831-and-CVE-2023-32784	2024-06-25
https://github.com/solomon12354/VolleyballSquid-----CVE-2023-38831-and-Bypass-UAC	2024-06-18
https://github.com/FirFirdaus/CVE-2023-38831	2024-08-31
https://github.com/technicalcorp0/CVE-2023-38831-Exploit	2024-09-27
http://packetstormsecurity.com/files/174573/WinRAR-Remote-Code-Execution.html	2024-08-02
https://blog.google/threat-analysis-group/government-backed-actors-exploiting-winrar-vulnerability	2024-08-02
https://www.bleepingcomputer.com/news/security/winrar-zero-day-exploited-since-april-to-hack-trading-accounts	2024-08-02
https://www.group-ib.com/blog/cve-2023-38831-winrar-zero-day	2024-08-02

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Rarlab Search vendor "Rarlab"		Winrar Search vendor "Rarlab" for product "Winrar"				< 6.23 Search vendor "Rarlab" for product "Winrar" and version " < 6.23"		-		Affected