7-Zippin’ My Way To Admin

Share This Post

A new zero-day vulnerability (CVE-2022-29072) has been discovered allowing easy privilege escalation and command execution. A simple drag and drop is all that is needed to complete this. Researchers have found when a file with the .7z extension is dragged to the Help>Contents area it causes a heap overflow in 7zFM.exe which results in privilege escalation (usually to Admin). 7zip has yet to patch the vulnerability however two known mitigations are available:

  1. Deleting the 7-zip.chm file.
  2. 7-zip should only be allowed to have read and run permissions for all users.

However it must be noted that this vulnerability is disputed as of writing this article.

Links: https://github.com/sentinelblue/CVE-2022-29072

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29072



Reach out to our incident response team for help

More To Explore

Information Security News 9-30-2024

NIST Drops Password Complexity, Mandatory Reset Rules Article Link: https://www.darkreading.com/identity-access-management-security/nist-drops-password-complexity-mandatory-reset-rules Hacker Plants False Memories in ChatGPT to Steal User Data in Perpetuity Article Link: https://arstechnica.com/security/2024/09/false-memories-planted-in-chatgpt-give-hacker-persistent-exfiltration-channel/

Do You Want to Shore Up Your Defenses?

We're opening our first round of threat hunting engagements to 100 organizations. Sign up or join the wait list here.