← ExploitWatch
HomeExploited Vulnerabilities

CVE-2025-0411 — Actively Exploited: 7-Zip (7-Zip)

7-Zip contains a protection mechanism failure vulnerability that allows remote attackers to bypass the Mark-of-the-Web security feature to execute arbitrary code in the context of the current user.

CVE IDCVE-2025-0411
Vendor7-Zip
Product7-Zip
Vulnerability name7-Zip Mark of the Web Bypass Vulnerability
Date added2025-02-06
Remediation due2025-02-27
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Description7-Zip contains a protection mechanism failure vulnerability that allows remote attackers to bypass the Mark-of-the-Web security feature to execute arbitrary code in the context of the current user.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →