EPISODE · Oct 24, 2025 · 9 MIN
7-Zip Vulnerability: New CVEs Allow Remote Code Execution and File Overwrites
from IT SPARC Cast
In this episode of CVE of the Week, John and Lou unpack a fresh pair of vulnerabilities affecting one of the most common tools on Windows desktops — 7-Zip.Tracked as CVE-2025-11001 and CVE-2025-11002, these directory traversal flaws allow attackers to craft malicious archives that can escape the extraction folder, overwrite arbitrary files, and potentially lead to remote code execution (RCE). The hosts discuss how the vulnerabilities impact not just individual users but also automated systems such as CI/CD pipelines, backup servers, and antivirus scanners that automatically unpack archives.They also cover how this seemingly moderate (CVSS 7.0) issue highlights a deeper problem — shadow IT and uncontrolled software installation inside enterprise environments. From patching strategies to user privilege escalation controls, this episode offers real-world guidance for keeping your organization secure.⸻Key Takeaways•Two new 7-Zip vulnerabilities (CVE-2025-11001 & CVE-2025-11002) enable directory traversal and code execution.•Impacts Windows desktops and automated extraction workflows in enterprise systems.•Proof-of-concept exploits are already public on GitHub.•The fix: Update 7-Zip immediately, disable automatic extraction of untrusted files, and audit your endpoint permissions.•Also, define a clear policy for software installation to minimize risk from unmanaged tools.⸻Stay ConnectedIT SPARC Cast@ITSPARCCast on Xhttps://www.linkedin.com/company/sparc-sales/ on LinkedInJohn Barger@john_Video on Xhttps://www.linkedin.com/in/johnbarger/ on LinkedInLou Schmidt@loudoggeek on Xhttps://www.linkedin.com/in/louis-schmidt-b102446/ on LinkedIn Hosted on Acast. See acast.com/privacy for more information.
What this episode covers
In this episode of CVE of the Week, John and Lou unpack a fresh pair of vulnerabilities affecting one of the most common tools on Windows desktops — 7-Zip.Tracked as CVE-2025-11001 and CVE-2025-11002, these directory traversal flaws allow attackers to craft malicious archives that can escape the extraction folder, overwrite arbitrary files, and potentially lead to remote code execution (RCE). The hosts discuss how the vulnerabilities impact not just individual users but also automated systems such as CI/CD pipelines, backup servers, and antivirus scanners that automatically unpack archives.They also cover how this seemingly moderate (CVSS 7.0) issue highlights a deeper problem — shadow IT and uncontrolled software installation inside enterprise environments. From patching strategies to user privilege escalation controls, this episode offers real-world guidance for keeping your organization secure.⸻Key Takeaways•Two new 7-Zip vulnerabilities (CVE-2025-11001 & CVE-2025-11002) enable directory traversal and code execution.•Impacts Windows desktops and automated extraction workflows in enterprise systems.•Proof-of-concept exploits are already public on GitHub.•The fix: Update 7-Zip immediately, disable automatic extraction of untrusted files, and audit your endpoint permissions.•Also, define a clear policy for software installation to minimize risk from unmanaged tools.⸻Stay ConnectedIT SPARC Cast@ITSPARCCast on Xhttps://www.linkedin.com/company/sparc-sales/ on LinkedInJohn Barger@john_Video on Xhttps://www.linkedin.com/in/johnbarger/ on LinkedInLou Schmidt@loudoggeek on Xhttps://www.linkedin.com/in/louis-schmidt-b102446/ on LinkedIn Hosted on Acast. See acast.com/privacy for more information.
NOW PLAYING
7-Zip Vulnerability: New CVEs Allow Remote Code Execution and File Overwrites
No transcript for this episode yet
Similar Episodes
Feb 4, 2026 ·18m
Sep 26, 2023 ·65m