Active Exploitation of UnRAR Software - CISA Issues Warning for Linux Systems

The US Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw in the UnRAR software to its Known Exploited Vulnerabilities (KEV) Catalog. The flaw is tracked as CVE-2022-30333 and has a CVSS score of 7.5.

The issue is a path traversal vulnerability in the Unix versions of the software, triggered when a maliciously crafted RAR archive is extracted. An adversary can exploit it to drop arbitrary files on a target system that has the utility installed; all the victim has to do is decompress the file. The vulnerability was disclosed in late June by researcher Simon Scannell of SonarSource.

In its advisory, the agency states that RARLAB UnRAR on UNIX and Linux contains a directory traversal vulnerability that allows an attacker to write files during unpacking or extracting operations.
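The defensive core of the problem described above is deciding, before any file is written, whether an archive member's name would land outside the extraction directory. The following Python is an added example written for this article, not code from CISA, RARLAB, SonarSource or the UnRAR project; the function names (`resolve_member`, `audit_entries`), the `/tmp/extract` destination and the member names in `SAMPLE_ENTRIES` are all constructed for illustration. Treating backslashes as path separators is a deliberately conservative choice made here, not a description of how UnRAR handles them.

```python
import posixpath
from typing import List, Optional, Tuple


def resolve_member(dest_dir: str, member_name: str) -> Optional[str]:
    """Return the absolute path a member would be written to, or None if it
    escapes dest_dir.  Paths are handled as POSIX strings, matching the
    Unix builds the advisory is about; no filesystem access takes place."""
    dest = posixpath.normpath(dest_dir)
    if not posixpath.isabs(dest):
        raise ValueError("dest_dir must be an absolute path")

    # Conservative assumption (not UnRAR's behaviour): treat backslashes as
    # separators so a Windows-style "..\\" cannot slip past a '/'-only check.
    name = member_name.replace("\\", "/")

    # An absolute member name would make posixpath.join discard dest entirely.
    if posixpath.isabs(name):
        return None

    # Collapse "." and ".." components, then require the result to stay below
    # dest.  commonpath compares whole components, so "/tmp/extractor" is not
    # mistaken for a child of "/tmp/extract".
    candidate = posixpath.normpath(posixpath.join(dest, name))
    if candidate == dest or posixpath.commonpath([dest, candidate]) != dest:
        return None
    return candidate


def audit_entries(dest_dir: str, member_names: List[str]) -> List[Tuple[str, Optional[str]]]:
    """Pair every member name with its resolved target, or None when rejected."""
    return [(name, resolve_member(dest_dir, name)) for name in member_names]


# Constructed sample member names, as a crafted archive listing might present them.
SAMPLE_ENTRIES = [
    "report/summary.txt",            # ordinary relative entry
    "../../home/user/.bashrc",       # climbs out of the destination
    "/etc/cron.d/task",              # absolute path
    "assets/../../../etc/passwd",    # traversal hidden behind a normal prefix
    "nested/./ok.bin",               # harmless "." component
    "..\\..\\evil.sh",               # Windows-style separators
]

if __name__ == "__main__":
    for name, target in audit_entries("/tmp/extract", SAMPLE_ENTRIES):
        verdict = "REJECT" if target is None else f"write -> {target}"
        print(f"{name!r:32} {verdict}")
```

The check works purely on the member name string; an extractor that already has files on disk also has to make sure it does not follow a symbolic link present in the destination when creating the parent directories, which a string-level check cannot see.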

The nature of the attacks has not been revealed, but the addition fits a growing trend in which threat actors scan for vulnerable systems soon after a flaw is publicly disclosed. They move quickly and use these vulnerabilities to launch ransomware and malware campaigns.

CISA has also acted on a second vulnerability, adding CVE-2022-34713 to the catalog shortly after Microsoft revealed in its Patch Tuesday updates that it was being exploited.

This vulnerability is said to be a variant of the publicly known DogWalk flaw in the Microsoft Windows Support Diagnostic Tool (MSDT), which rogue actors could use to execute arbitrary code on vulnerable systems by tricking victims into opening a decoy file.

Abdul Wahab is a Software Engineer by profession and a Tech geek by nature. Having been associated with the tech industry for the last five years, he has covered a wide range of Tech topics and produced well-researched and engaging content. You will mostly find him reviewing tech products and writing blog posts. Binge-watching tech reviews and endlessly reading tech blogs are his favorite hobbies.