CVE-2018-10115
HIGH EXPLOITED RANSOMWARE7-zip < 18.03 - Remote Code Execution via RAR Decoder Uninitialized Memory
Title source: llmExploitation Summary
CVE-2018-10115 has been observed exploited in the wild (reported by VulnCheck KEV), including in ransomware campaigns.
Description
Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage of uninitialized memory, allowing remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive.
References (4)
Core 4
Core References
Issue Tracking x_refsource_confirm
https://sourceforge.net/p/sevenzip/discussion/45797/thread/adc65bfa/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1040832
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/104132
Exploit, Third Party Advisory x_refsource_misc
https://landave.io/2018/05/7-zip-from-uninitialized-memory-to-remote-code-execution/
Scores
CVSS v3
7.8
EPSS
0.0498
EPSS Percentile
91.1%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
VulnCheck KEV
2020-02-25
Ransomware Use
Confirmed
CWE
CWE-665
CWE-908
Status
published
Products (1)
7-zip/7-zip
< 18.03
Published
May 02, 2018
Tracked Since
Feb 18, 2026