What is the severity of CVE-2024-8811?

CVE-2024-8811 is considered a medium-severity vulnerability due to its reliance on user interaction for exploitation.

How do I fix CVE-2024-8811?

To mitigate CVE-2024-8811, update WinZip to version 76.8 or later as this version addresses the vulnerability.

What type of attacks can exploit CVE-2024-8811?

CVE-2024-8811 can be exploited through remote attacks where users visit a malicious page or open a compromised file.

Who is affected by CVE-2024-8811?

CVE-2024-8811 affects installations of WinZip prior to version 76.8.

Is user interaction required for CVE-2024-8811 exploitation?

Yes, user interaction is necessary to exploit CVE-2024-8811, as users must engage with a malicious source.

Vulnerability/
CVE-2024-8811

high

7.8

CWE

693 670

EPSS

0.057%

22/11/2024

3/1/2025

29/1/2025

CVE-2024-8811: WinZip Mark-of-the-Web Bypass Vulnerability

First published: Fri Nov 22 2024(Updated: )

This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of archive files. When opening an archive that bears the Mark-of-the-Web, WinZip removes the Mark-of-the-Web from the archive file. Following extraction, the extracted files also lack the Mark-of-the-Web. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current user.

Credit: zdi-disclosures@trendmicro.com

Affected Software	Affected Version	How to fix
WinZip	<76.8
WinZip

Never miss a vulnerability like this again

Reference Links

https://www.zerodayinitiative.com/advisories/ZDI-24-1234/

Frequently Asked Questions

What is the severity of CVE-2024-8811?
CVE-2024-8811 is considered a medium-severity vulnerability due to its reliance on user interaction for exploitation.
How do I fix CVE-2024-8811?
To mitigate CVE-2024-8811, update WinZip to version 76.8 or later as this version addresses the vulnerability.
What type of attacks can exploit CVE-2024-8811?
CVE-2024-8811 can be exploited through remote attacks where users visit a malicious page or open a compromised file.
Who is affected by CVE-2024-8811?
CVE-2024-8811 affects installations of WinZip prior to version 76.8.
Is user interaction required for CVE-2024-8811 exploitation?
Yes, user interaction is necessary to exploit CVE-2024-8811, as users must engage with a malicious source.

agent/title
agent/references
agent/first-publish-date
agent/type
agent/description
agent/author
agent/event
collector/mitre-cve
source/MITRE
agent/trending
agent/last-modified-date
agent/weakness
agent/severity
agent/softwarecombine
collector/epss-latest
source/FIRST
agent/epss
agent/source
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/zdi-advisory
source/ZDI
alias/ZDI-24-1234
alias/ZDI-CAN-23983
alias/CVE-2024-8811
vendor/winzip
canonical/winzip
vendor/winzip computing

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.