WinRAR Fixes Critical Remote Code Execution Vulnerability

A critical vulnerability, CVE-2023-40477, has been discovered in WinRAR, the popular file compression and archiving utility for Windows operating systems. This flaw allows arbitrary code execution on a target user’s system.

The issue is related to insufficient validation of user-supplied data during the processing of recovery volumes. A security researcher known as “goodbyeselene” from the Zero Day Initiative reported the vulnerability to RARLAB on June 8, 2023.

According to the official ZDI advisory: “This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of recovery volumes. The issue results from the lack of proper validation of user-supplied data, which can lead to out-of-bounds memory access. An attacker can leverage this vulnerability to execute code in the context of the current process.”

WinRAR has addressed the issue with the release of version 6.23. All WinRAR users are strongly advised to update to the latest version as soon as possible, before attackers begin exploiting this vulnerability in real-world attacks.