A newly disclosed vulnerability in 7-Zip, tracked as CVE-2025-55188, has been identified by security researcher Landon. The flaw, rated CVSS 2.7, affects versions prior to 25.01 and could allow attackers to perform arbitrary file writes during archive extraction — potentially escalating to arbitrary code execution in certain scenarios.
According to the report, “extracting a maliciously-crafted archive with 7-Zip prior to 25.01 allows for arbitrary file write, which may lead to arbitrary code execution.”
The issue stems from improper handling of symbolic links during extraction. 7-Zip follows symbolic links when unpacking archives, meaning a malicious archive could point extracted files to locations outside the intended directory — overwriting critical files on the system.
Exploitation requires specific conditions:
- Linux – Any user running 7-Zip before 25.01 and extracting an archive in a format supporting symbolic links (e.g., .zip, .tar, .7z, .rar) is vulnerable.
- Windows – Exploitation is possible but harder. The extraction process must have permissions to create symbolic links, which can occur if:
  - 7-Zip is run with Administrator privileges.
  - Windows is in Developer Mode.
  - Other special permissions are enabled.
Once triggered, an attacker could overwrite sensitive files, such as SSH keys or .bashrc, allowing for persistent backdoors or command execution.
While CVSS 2.7 might suggest low severity, the impact can be severe if the attacker can control the archive contents and the target’s extraction environment. Landon warns that “in one extraction, an attacker may attempt several times to leverage this vulnerability to write to sensitive files.”
Such an attack could:
- Compromise secure shell (SSH) authentication.
- Modify startup scripts for persistence.
- Tamper with configuration files to bypass security controls.
The fix is included in 7-Zip version 25.01. Users should:
- Update immediately to 25.01 or later from the official 7-Zip website.
- Avoid extracting archives from untrusted sources.
- Use sandboxed or isolated environments when handling unknown files.