The US Cybersecurity and Infrastructure Security Agency (CISA) added an entry to its Known Exploited Vulnerabilities Catalog for a security flaw in the UnRAR software. It is tracked as CVE-2022-30333 and has a CVSS score of 7.5.
The issue is a path traversal vulnerability in the Unix versions of the software and can be triggered by extracting a maliciously crafted RAR archive. An adversary could therefore exploit this flaw to drop arbitrary files on a target system that has the utility installed. All it takes is for the file to be decompressed. The vulnerability was revealed in late June by researcher Simon Scannell from SonarSource.
The agency stated in an advisory that RARLAB UnRAR on UNIX and Linux contains a directory traversal vulnerability that allows an attacker to write files during unpacking or extracting operations.
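As a defensive illustration of the directory traversal class described above, the following added example (not code from the advisory, from RARLAB, or from the researcher) audits an archive listing before extraction and rejects any entry or symlink target that would land outside the destination. The function names, the destination `/srv/unpack` and the sample listing are hypothetical and constructed for this example.

```python
import posixpath

def _resolve(base, name):
    """Join an archive-supplied path onto base and collapse '.' and '..' lexically."""
    name = name.replace("\\", "/")  # conservative choice: treat backslash as a separator too
    return posixpath.normpath(posixpath.join(base, name))

def _inside(dest, path):
    """True when path is dest itself or lies below it."""
    return path == dest or path.startswith(dest.rstrip("/") + "/")

def audit_entries(dest, entries):
    """Return (name, reason) for every entry that would write outside dest.

    entries: iterable of (name, link_target); link_target is None for regular files.
    """
    dest = posixpath.normpath(dest)
    findings = []
    for name, link_target in entries:
        path = _resolve(dest, name)
        if not _inside(dest, path):
            findings.append((name, "entry path escapes destination"))
            continue
        if link_target is not None:
            # A relative link target resolves from the directory holding the link;
            # an absolute target replaces the base entirely and is caught below.
            target = _resolve(posixpath.dirname(path), link_target)
            if not _inside(dest, target):
                findings.append((name, "symlink target escapes destination"))
    return findings

# Constructed sample listing: (entry name, symlink target or None).
SAMPLE = [
    ("docs/readme.txt", None),
    ("../../etc/cron.d/job", None),
    ("/tmp/abs.txt", None),
    ("docs/link", "../../outside"),
    ("docs/ok_link", "../docs/readme.txt"),
    ("..\\..\\escape.txt", None),
]

if __name__ == "__main__":
    for name, reason in audit_entries("/srv/unpack", SAMPLE):
        print(f"REJECT {name!r}: {reason}")
```

The check is purely lexical: it does not follow symlinks that already exist on disk, so it is best paired with extraction into a fresh, empty directory under an unprivileged account.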
The nature of the attacks has not been revealed, but the disclosure reflects a growing trend in which threat actors scan for vulnerable systems to find an opening soon after flaws are publicly disclosed. They move very quickly and use these vulnerabilities to launch ransomware and malware campaigns.
CISA has also taken steps to address the vulnerabilities and added CVE-2022-34713 to the catalog soon after Microsoft revealed, in its Patch Tuesday updates, that the vulnerability was being exploited.
This vulnerability is said to be a variant of the publicly known DogWalk. The shortcoming, found in the Microsoft Windows Support Diagnostic Tool (MSDT), could be used by rogue actors to execute arbitrary code on vulnerable systems. Threat actors can do so by tricking victims into opening a decoy file.