Unrated severityCISA KEVNVD Advisory· Published Jan 25, 2025· Updated Feb 26, 2026

7-Zip Mark-of-the-Web Bypass Vulnerability

CVE-2025-0411

Description

7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the handling of archived files. When extracting files from a crafted archive that bears the Mark-of-the-Web, 7-Zip does not propagate the Mark-of-the-Web to the extracted files. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current user. Was ZDI-CAN-25456.

Affected products

7 Zip/7 Zipv5
Range: 24.08 (x64)

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.zerodayinitiative.com/advisories/ZDI-25-045/mitrex_research-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.037
exploit	0.000
kev	0.120
patch	0.000
ransomware	0.000