Tag Archives: bizone

September “In the Trend of VM” (#19): vulnerabilities in the WinRAR and 7-Zip archivers, SAP NetWeaver, and TrueConf Server

September “In the Trend of VM” (#19): vulnerabilities in the WinRAR and 7-Zip archivers, SAP NetWeaver, and TrueConf Server. A traditional monthly roundup – for the first time with NO Microsoft vulnerabilities! 😲🙂

🗞 Post on Habr (rus)
🗒 Digest on the PT website (rus)

A total of eight trending vulnerability IDs in four products:

🔻 Remote Code Execution – WinRAR (CVE-2025-6218, CVE-2025-8088). An exploitable RCE during archive extraction.
🔻 Remote Code Execution – SAP NetWeaver (CVE-2025-31324, CVE-2025-42999). An exploitable RCE in a component of a popular ERP system.
🔻 Remote Code Execution – 7-Zip (CVE-2025-55188). Mostly a Linux RCE during archive extraction – a public exploit is available.
🔻 Remote Code Execution – TrueConf Server (BDU:2025-10116, BDU:2025-10115, BDU:2025-10114). Critical flaws in Russian videoconferencing system.

На русском

About Remote Code Execution – WinRAR (CVE-2025-6218, CVE-2025-8088) vulnerabilities

1 Reply

About Remote Code Execution – WinRAR (CVE-2025-6218, CVE-2025-8088) vulnerabilities. A crafted file path inside an archive may cause the extraction process to move into unintended directories (including the Startup directories 😈), which can result in archive extraction leading to the execution of malicious code in the context of the current user.

🩹 Vulnerability CVE-2025-6218 was reported to the vendor on June 5. It was fixed on June 25 in version 7.12. A month later, on July 30, version 7.13 was released, which addressed CVE-2025-8088 with the same description.

🛠 A public exploit for CVE-2025-6218 has been available on GitHub since June 27.

👾 On August 8, BiZone reported phishing attacks against Russian organizations exploiting CVE-2025-6218 and CVE-2025-8088 since early July, linked to the group Paper Werewolf (GOFFEE). ESET also observed attacks exploiting these vulnerabilities to deploy RomCom backdoors.

На русском

CISO Forum 2019: Vulnerability Management, Red Teaming and a career in Information Security abroad

1 Reply

CISO Forum 2019: Vulnerability Management, Red Teaming and a career in Information Security abroad. Today, at the very end of 2019, I want to write about the event I attended in April. Sorry for the delay ?. This doesn’t mean that CISO Forum 2019 was not Interesting or I had nothing to share. Not at all! In fact, it was the most inspiring event of the year, and I wanted to make a truly monumental report about it. And I began to write it, but, as it usually happens, more urgent tasks and topics appeared, so the work eventually stopped until now.

The first discussion was about Offensive Security and Red Teams in particular

At CISO Forum 2019 I participated in two panel discussions. The first one was about Offensive Security and Red Teams in particular.

Continue reading →

This is my personal blog. The opinions expressed here are my own and not of my employer. All product names, logos, and brands are property of their respective owners. All company, product and service names used here for identification purposes only. Use of these names, logos, and brands does not imply endorsement. You can freely use materials of this site, but it would be nice if you place a link on https://avleonov.com and send message about it at me@avleonov.com or contact me any other way.

Alexander V. Leonov

Vulnerability Management and more

Tag Archives: bizone

September “In the Trend of VM” (#19): vulnerabilities in the WinRAR and 7-Zip archivers, SAP NetWeaver, and TrueConf Server

About Remote Code Execution – WinRAR (CVE-2025-6218, CVE-2025-8088) vulnerabilities

CISO Forum 2019: Vulnerability Management, Red Teaming and a career in Information Security abroad