The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security vulnerability in the UnRAR utility to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation.
Tracked as CVE-2022-30333 (CVSS score: 7.5), the issue is a path traversal vulnerability in Unix versions of UnRAR that can be triggered when extracting a maliciously crafted RAR archive.
This means that an adversary could exploit the vulnerability to drop arbitrary files on a target system that has the utility installed, simply by getting the archive extracted. The vulnerability was disclosed by SonarSource researcher Simon Scannell at the end of June.
“RARLAB UnRAR on Linux and UNIX contains a directory traversal vulnerability that allows attackers to write to files during decompression (extraction),” the agency said in an advisory.
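The defensive counterpart to the flaw described above is to validate every entry of an untrusted archive against the chosen output directory before anything is written. The following is an added example, not code from UnRAR, CISA or SonarSource; the entry listing is constructed, and the checks are a generic containment test for file names and symlink targets rather than a description of the specific UnRAR bug.

```python
import os
from typing import List, Optional, Tuple

# Constructed example: pre-extraction containment checks so that a crafted
# archive cannot write a file, or point a symlink, outside the output directory.

def _normalize(name: str) -> str:
    # Treat backslashes as separators too; archives built on Windows may carry them.
    return name.replace("\\", "/")

def safe_target(dest_root: str, entry_name: str) -> Optional[str]:
    """Absolute path the entry would be written to, or None if it escapes dest_root."""
    root = os.path.realpath(dest_root)
    name = _normalize(entry_name)
    if name.startswith("/") or (len(name) > 1 and name[1] == ":"):
        return None  # absolute paths and drive letters never belong in an archive
    target = os.path.realpath(os.path.join(root, name))
    # realpath also follows symlinks already created on disk by earlier entries,
    # so a link pointing out of dest_root cannot be reused as a write path.
    return target if os.path.commonpath([root, target]) == root else None

def safe_symlink(dest_root: str, entry_name: str, link_target: str) -> bool:
    """True only if both the symlink entry and the path it points to stay in dest_root."""
    root = os.path.realpath(dest_root)
    link_path = safe_target(dest_root, entry_name)
    pointee = _normalize(link_target)
    if link_path is None or pointee.startswith("/"):
        return False
    resolved = os.path.realpath(os.path.join(os.path.dirname(link_path), pointee))
    return os.path.commonpath([root, resolved]) == root

def triage(dest_root: str, entries: List[Tuple[str, Optional[str]]]) -> List[str]:
    """entries: (name, symlink_target_or_None) pairs. Returns names that must be rejected."""
    rejected = []
    for name, link in entries:
        ok = safe_symlink(dest_root, name, link) if link is not None \
            else safe_target(dest_root, name) is not None
        if not ok:
            rejected.append(name)
    return rejected

# Constructed listing of the kind an archive reader returns; not a real archive.
SAMPLE_ENTRIES = [
    ("docs/readme.txt", None),
    ("../../outside.txt", None),
    ("sub\\..\\..\\escape.txt", None),
    ("link_to_root", "../../"),
    ("internal_link", "docs"),
]

if __name__ == "__main__":
    print(triage("/tmp/unrar-out", SAMPLE_ENTRIES))
```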
Not much is known about the nature of the attacks, but the disclosure is further evidence of a growing trend in which threat actors rapidly scan for vulnerable systems once a vulnerability is publicly disclosed and seize the opportunity to launch malware and ransomware campaigns.
On top of that, CISA also added CVE-2022-34713 to its catalog after Microsoft, as part of its Patch Tuesday update on August 9, revealed that it had seen indications that the vulnerability had been exploited in the wild.
Believed to be a variant of a vulnerability publicly known as DogWalk, the flaw in the Microsoft Windows Support Diagnostic Tool (MSDT) component could be exploited by attackers to execute arbitrary code on susceptible systems by tricking a victim into opening a decoy file.
Federal agencies in the US are required to apply updates to both bugs by August 30 to reduce the risk of cyberattacks.