Serious Windows and Linux UnRAR vulnerabilities exploited in the wild
The US Cybersecurity and Infrastructure Security Agency has added two severe zero-day security flaws exploited in the wild to its catalogue.
The two vulnerabilities are tracked under the Common Vulnerabilities and Exposures identifiers CVE-2022-34713 and CVE-2022-30333, with severity ratings of 7.8 and 7.5, respectively.
CVE-2022-34713, also known as Dogwalk, is a Microsoft Support Diagnostic Tool vulnerability that lets attackers remotely execute code by placing an executable file in the Windows Startup folder.
Security researcher Imre Rad reported Dogwalk in December 2019.
Microsoft only issued a patch for the Dogwalk vulnerability in a 9 August 2022 security update and admitted it had been exploited in attacks.
Attackers also exploited the file write vulnerability tracked as CVE-2022-30333 to steal emails and login credentials from individual Zimbra Mail user accounts, SonarSource reported.
The bug lets attackers create files outside the target extraction directory when an application or user extracts an untrusted archive.
SonarSource discovered the bug inside the UnRAR utility for Linux and Unix systems and explained that any software relying on an unpatched version was affected.
RarLab issued an official security patch in version 6.17 of the UnRAR source code, and it is included with the binaries of version 6.12.
However, SonarSource warned that any previous versions of the UnRAR code could be vulnerable.
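A defender-side check for the file-write-outside-the-extraction-directory class of bug described above, added here as an example that is not from SonarSource, RarLab or the original article: after an untrusted archive is unpacked into a staging directory, it reports symbolic links that resolve outside that directory, which is one way an extracted tree can reach beyond its target. The function names and the sample tree are constructed for illustration.

```python
import os
import tempfile


def is_within(root, path):
    """True if path, after resolving symlinks, is root itself or lies under it."""
    root = os.path.realpath(root)
    return os.path.commonpath([root, os.path.realpath(path)]) == root


def find_escapes(staging_dir):
    """Return sorted relative paths of symlinks in staging_dir that resolve outside it."""
    escapes = []
    # followlinks=False: list links but never descend through them.
    for dirpath, dirnames, filenames in os.walk(staging_dir, followlinks=False):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) and not is_within(staging_dir, full):
                escapes.append(os.path.relpath(full, staging_dir))
    return sorted(escapes)


def build_constructed_tree(staging_dir, outside_dir):
    """Constructed sample of a staging directory after extraction (not real data)."""
    os.makedirs(os.path.join(staging_dir, "docs"))
    with open(os.path.join(staging_dir, "docs", "readme.txt"), "w") as f:
        f.write("benign\n")
    # Link that stays inside the staging directory: allowed.
    os.symlink("readme.txt", os.path.join(staging_dir, "docs", "latest"))
    # Link that points outside the staging directory: must be flagged.
    os.symlink(outside_dir, os.path.join(staging_dir, "docs", "cache"))


def demo():
    """Build the constructed tree in a temp directory and audit it."""
    with tempfile.TemporaryDirectory() as base:
        staging = os.path.join(base, "staging")
        outside = os.path.join(base, "outside")
        os.makedirs(staging)
        os.makedirs(outside)
        build_constructed_tree(staging, outside)
        return find_escapes(staging)


if __name__ == "__main__":
    print(demo())
```

This is a detection step, not a substitute for patching: a hit means the archive should be rejected and nothing moved out of staging.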