CVE-2023-38831
WinRAR ACE archive extraction vulnerability. Malicious EXE files can be downloaded to the system and run via specially prepared .rar or .zip files.
Vulnerability Profile
CVSS Score
7.8 / 10.0
Severity
High
Exploitation Status
⚠ Active Exploitation
Patch Status
✓ Patch Available
Affected Software
WinRAR < 6.23
Exploitation Method
Archive Extraction RCE
MITRE ATT&CK
T1203 - Exploitation for Client Execution
CVE-2023-38831 WinRAR arsiv extraction acigi. Sahte dosya uzantisi ile zarali EXE dosyalari calistirilabiliyor. DarkMe RAT, GuLoader ve cesitli stealer ailelerinin dagitiminda kullanilmistir. Patch: WinRAR 6.23 (2023-08-02).