How severe is CVE-2025-0411?

This vulnerability has a severity rating of HIGH with a CVSS score of 7 out of 10.

What type of vulnerability is CVE-2025-0411?

This is classified as CWE-693, which is a common weakness in software security.

CVE-2025-0411

HIGH Year: 2025

CVSS v3 Score

7.0

High

Weakness Type

CWE-693

View all →

Vulnerability Description

7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of archived files. When extracting files from a crafted archive that bears the Mark-of-the-Web, 7-Zip does not propagate the Mark-of-the-Web to the extracted files. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current user. Was ZDI-CAN-25456.

CVE-2024-0029

HIGH

CVSS:7.1(High)

In multiple files, there is a possible way to capture the device screen when disallowed by device policy due to a logic error in the code. This could lead to local escalation of privilege with no addi...

CWE-6932024

CVE-2018-9314

MEDIUM

CVSS:6.8(Medium)

The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows an attack by an attacker who...

CWE-6932018

CVE-2019-19278

MEDIUM

CVSS:6.8(Medium)

A vulnerability has been identified in SINAMICS PERFECT HARMONY GH180 Drives MLFB 6SR32..-.....-.... MLFB 6SR4...-.....-.... MLFB 6SR5...-.....-.... With option A30 (HMIs 12 inches or larger) (All ver...

CWE-6932019

CVE-2020-5379

MEDIUM

CVSS:6.8(Medium)

Dell Inspiron 7352 BIOS versions prior to A12 contain a UEFI BIOS Boot Services overwrite vulnerability. A local attacker with access to system memory may exploit this vulnerability by overwriting the...

CWE-6932020

CVE-2020-6977

MEDIUM

CVSS:6.8(Medium)

A restricted desktop environment escape vulnerability exists in the Kiosk Mode functionality of affected devices. Specially crafted inputs can allow the user to escape the restricted environment, resu...

CWE-6932020

CVE-2023-27383

MEDIUM

CVSS:6.8(Medium)

Protection mechanism failure in some Intel(R) oneAPI HPC Toolkit 2023.1 and Intel(R)MPI Library software before version 2021.9 may allow a privileged user to potentially enable escalation of privilege...

CWE-6932023

CVE-2025-0411

Vulnerability Description

Related Vulnerabilities

CVE-2024-0029

CVE-2018-9314

CVE-2019-19278

CVE-2020-5379

CVE-2020-6977

CVE-2023-27383