Hosted on Acast. See acast.com/privacy for more information.

In this episode of CVE of the Week, John and Lou unpack a fresh pair of vulnerabilities affecting one of the most common tools on Windows desktops — 7-Zip.
Tracked as CVE-2025-11001 and CVE-2025-11002, these directory traversal flaws allow attackers to craft malicious archives that can escape the extraction folder, overwrite arbitrary files, and potentially lead to remote code execution (RCE). The hosts discuss how the vulnerabilities impact not just individual users but also automated systems such as CI/CD pipelines, backup servers, and antivirus scanners that automatically unpack archives.
They also cover how this seemingly moderate (CVSS 7.0) issue highlights a deeper problem — shadow IT and uncontrolled software installation inside enterprise environments. From patching strategies to user privilege escalation controls, this episode offers real-world guidance for keeping your organization secure.
⸻
Key Takeaways
• Two new 7-Zip vulnerabilities (CVE-2025-11001 & CVE-2025-11002) enable directory traversal and code execution.
• Impacts Windows desktops and automated extraction workflows in enterprise systems.
• Proof-of-concept exploits are already public on GitHub.
• The fix: Update 7-Zip immediately, disable automatic extraction of untrusted files, and audit your endpoint permissions.
• Also, define a clear policy for software installation to minimize risk from unmanaged tools.
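The episode's point about CI/CD pipelines and backup servers that unpack archives automatically comes down to one control: never let an archive entry decide where it is written. The Python below is an added example for this page, not code from the podcast, from 7-Zip, or from any of the published proof-of-concepts. It checks each entry name against the destination directory before extraction, rejecting absolute paths, Windows drive letters and any `..` sequence that would resolve above the destination, and it builds a small constructed ZIP (one benign entry, two traversal-style entries) purely as test input for the check. The function names `entry_escapes`, `partition_entries`, `extract_safely`, `build_demo_archive` and `demo` are this example's own.

```python
"""Defensive archive-extraction check (added example, not from the podcast or 7-Zip).

Automated workflows that unpack untrusted archives should validate every entry
path against the destination directory first. The archive built here is a
constructed fixture for the check, not a real-world sample.
"""
import io
import os
import posixpath
import tempfile
import zipfile


def entry_escapes(dest: str, name: str) -> bool:
    """Return True if archive entry `name` would be written outside `dest`.

    Normalises Windows separators, rejects absolute paths and drive-letter
    paths, then resolves '..' components against the absolute destination and
    confirms the result still sits under it.
    """
    normalised = name.replace("\\", "/")
    # Absolute paths and drive-letter paths ("C:/...") never belong in an archive
    # meant for relative extraction; a colon in the second position is treated
    # as a drive letter.
    if normalised.startswith("/") or (len(normalised) > 1 and normalised[1] == ":"):
        return True
    dest_abs = os.path.realpath(dest)
    # Archive names use POSIX rules; collapse '..' there, then resolve on the host.
    target = os.path.realpath(os.path.join(dest_abs, posixpath.normpath(normalised)))
    # If the longest common prefix is no longer the destination, the entry escaped.
    return os.path.commonpath([dest_abs, target]) != dest_abs


def partition_entries(dest: str, names: list[str]) -> tuple[list[str], list[str]]:
    """Split entry names into (safe, rejected) relative to `dest`."""
    safe: list[str] = []
    rejected: list[str] = []
    for name in names:
        (rejected if entry_escapes(dest, name) else safe).append(name)
    return safe, rejected


def extract_safely(zip_bytes: bytes, dest: str) -> tuple[list[str], list[str]]:
    """Extract only entries that stay inside `dest`; return (extracted, rejected).

    Rejected names are returned so a pipeline can log them and fail the job
    instead of silently skipping a suspicious archive.
    """
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        safe, rejected = partition_entries(dest, zf.namelist())
        for name in safe:
            zf.extract(name, dest)
    return safe, rejected


def build_demo_archive() -> bytes:
    """Constructed test archive: one benign entry and two traversal-style entries."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/readme.txt", "benign content\n")
        zf.writestr("../../outside.txt", "would land above the extraction folder\n")
        zf.writestr("..\\..\\startup.cmd", "windows-style separator traversal\n")
    return buf.getvalue()


def demo() -> tuple[list[str], int, bool]:
    """Run the check against the constructed archive in a temporary directory.

    Returns (extracted names, number of rejected entries, whether the benign
    file landed inside the destination).
    """
    with tempfile.TemporaryDirectory() as dest:
        safe, rejected = extract_safely(build_demo_archive(), dest)
        benign_present = os.path.isfile(os.path.join(dest, "docs", "readme.txt"))
    return safe, len(rejected), benign_present


if __name__ == "__main__":
    extracted, rejected_count, ok = demo()
    print(f"extracted={extracted} rejected={rejected_count} benign_in_place={ok}")
```

The check runs on the entry *names* before any byte is written, which is the property a pipeline needs: an archive with even one rejected entry should fail the job and be quarantined for review rather than partially unpacked. The same validation applies to any extractor (7-Zip invoked from a script included), since the decision belongs to the caller, not to whatever version of the tool happens to be installed.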
⸻
Stay Connected
IT SPARC Cast
@ITSPARCCast on X
https://www.linkedin.com/company/sparc-sales/ on LinkedIn
John Barger
@john_Video on X
https://www.linkedin.com/in/johnbarger/ on LinkedIn
Lou Schmidt
@loudoggeek on X
https://www.linkedin.com/in/louis-schmidt-b102446/ on LinkedIn