Two critical zero-day vulnerabilities in WinRAR, tracked as CVE-2025-6218 and CVE-2025-8088, have been publicly disclosed and are being actively exploited in real-world attacks. These flaws allow remote attackers to execute arbitrary code on affected systems.

Affected Systems

• WinRAR, versions 7.11 and earlier

Security Risks

Exploitation of this vulnerability may lead to remote code execution on an affected system, allowing attackers to create unauthorized administrator accounts, deploy backdoors, and execute malicious code that can redirect visitors or further compromise the server.

Recommended Actions

The National Cyber Security Authority (NCSA) strongly recommends that system administrators:

• Users should take immediate action to manually update their WinRAR to versions 7.13 or later to mitigate the risk.

• Before any update task, please ensure you have a recent backup that can easily be restored.

For further information and support, please contact NCSA by email at rwcsirt@ncsa.gov.rw or call us at 9009

References

• NIST NVD – CVE-2025-6218

• NIST NVD – CVE-2025-8088

• https://securityonline.info/

• https://www.rarlab.com/