7-Zip Vulnerability Potentially Gives Hackers Admin Privileges

Written by Wilbur Woodham

7-Zip, a free open-source file archiver, has been found to contain a flagrant vulnerability (CVE-2022-29072). Dragging a specially crafted file into the application’s Help > Contents area potentially allows execution of arbitrary commands with system privileges. The vulnerability exists on Windows platforms and originates from incorrect settings of the 7z.dll library combined with clipboard overload.

After being notified, the 7-Zip developers did not accept responsibility for the vulnerability. They insisted that the effect is caused by hh.exe (Microsoft HTML Helper), a process that is launched during drag-and-drop in Windows. The researcher who discovered the vulnerability notes that hh.exe is not the primary cause, because the exploit’s scripts are launched as a child process of 7zFM.exe. A command-injection attack is possible because of the overloaded 7zFM.exe clipboard and the faulty 7z.dll settings.

A help file that opened cmd.exe via injected commands was used as an example. Although third parties have reported that privilege escalation cannot occur in this case, an exploit that gains System privileges is said to have been developed. It won’t be published until a patch that fixes this 7-Zip vulnerability is released. Until then, the relevant safety measure is limiting access for 7-Zip (read and run only).
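
The researcher's point that the exploit's scripts run as a child process of 7zFM.exe gives defenders something concrete to look for in process-creation logs. The following is an added example, not code from the article or the researcher: it walks Sysmon-style Event ID 1 records and reports command interpreters descended from 7zFM.exe, directly or through hh.exe. The sample records, the interpreter list and the function names are constructed for illustration.

```python
import ntpath

# Interpreters worth flagging under 7zFM.exe (an assumed list, extend as needed).
SHELLS = {"cmd.exe", "powershell.exe", "pwsh.exe", "wscript.exe", "cscript.exe", "mshta.exe"}
LEVELS = {"Low": 0, "Medium": 1, "High": 2, "System": 3}

def ev(guid, parent, image, level):
    # Field names follow Sysmon Event ID 1 (process creation).
    return {"ProcessGuid": guid, "ParentProcessGuid": parent,
            "Image": image, "IntegrityLevel": level}

# Constructed records for illustration; GUIDs and paths are made up.
SAMPLE_EVENTS = [
    ev("g1", "g0", r"C:\Program Files\7-Zip\7zFM.exe", "Medium"),
    ev("g2", "g1", r"C:\Windows\hh.exe", "Medium"),            # normal Help > Contents
    ev("g3", "g1", r"C:\Windows\System32\cmd.exe", "Medium"),  # shell directly under 7zFM.exe
    ev("g4", "g2", r"C:\Windows\System32\cmd.exe", "System"),  # shell under hh.exe, higher integrity
    ev("g5", "g9", r"C:\Windows\System32\cmd.exe", "Medium"),  # unrelated shell, parent not logged
]

def name(event):
    return ntpath.basename(event["Image"]).lower()

def find_7zfm_shells(events):
    """Return one finding per interpreter whose ancestry includes 7zFM.exe."""
    by_guid = {e["ProcessGuid"]: e for e in events}
    findings = []
    for e in events:
        if name(e) not in SHELLS:
            continue
        chain, cur, seen = [name(e)], e, set()
        # Walk up the parent chain; 'seen' guards against malformed cyclic logs.
        while cur["ParentProcessGuid"] in by_guid and cur["ProcessGuid"] not in seen:
            seen.add(cur["ProcessGuid"])
            cur = by_guid[cur["ParentProcessGuid"]]
            chain.append(name(cur))
            if name(cur) == "7zfm.exe":
                findings.append({
                    "guid": e["ProcessGuid"],
                    "chain": " <- ".join(chain),
                    # True when the shell runs at a higher integrity level than 7zFM.exe.
                    "escalated": LEVELS[e["IntegrityLevel"]] > LEVELS[cur["IntegrityLevel"]],
                })
                break
    return findings

if __name__ == "__main__":
    for finding in find_7zfm_shells(SAMPLE_EVENTS):
        print(finding)
```

The `escalated` flag separates plain command execution in the user's context from the disputed case in which the spawned shell ends up with higher privileges than 7zFM.exe itself.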


About the author

Wilbur Woodham

I was a technical writer from early in my career, and consider IT Security one of my foundational skills. I’m sharing my experience here, and I hope you find it useful.
