CVE-2022-29072

HIGH

7-Zip <21.07 - Privilege Escalation

Title source: llm

Description

7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area. This is caused by misconfiguration of 7z.dll and a heap overflow. The command runs in a child process under the 7zFM.exe process. NOTE: multiple third parties have reported that no privilege escalation can occur.

Exploits (5)

nomisec WRITEUP (676 stars) by kagancapar · poc: https://github.com/kagancapar/CVE-2022-29072
nomisec WRITEUP (8 stars) by sentinelblue · poc: https://github.com/sentinelblue/CVE-2022-29072
nomisec SCANNER (6 stars) by tiktb8 · poc: https://github.com/tiktb8/CVE-2022-29072
nomisec WRITEUP (3 stars) by Phantomiman · poc: https://github.com/Phantomiman/7-Zip.chm-Mitigation
nomisec NO CODE by rasan2001 · poc: https://github.com/rasan2001/CVE-2022-29072

References (5)

https://sourceforge.net/p/sevenzip/bugs/2337/ (Exploit, Issue Tracking, Third Party Advisory; x_refsource_misc)
https://www.youtube.com/watch?v=sT1cvbu7ZTA (Exploit, Third Party Advisory; x_refsource_misc)
https://github.com/kagancapar/CVE-2022-29072 (Exploit, Third Party Advisory; x_refsource_misc)
https://news.ycombinator.com/item?id=31070256 (Issue Tracking, Third Party Advisory; x_refsource_misc)

Scores

CVSS v3 7.8
EPSS 0.1807
EPSS Percentile 95.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-787
Status published
Products (1)
7-zip/7-zip < 21.07
Published Apr 15, 2022
Tracked Since Feb 18, 2026