A threat actor has allegedly put a zero-day Remote Code Execution (RCE) vulnerability for WinRAR up for sale on a popular cybercrime forum. The seller is asking for $65,000 for the exploit, which they claim affects WinRAR version 7.13 and all prior versions. WinRAR is an incredibly popular file archiver utility used by millions of people and organizations worldwide for compressing and decompressing files, making any critical vulnerability a significant security concern for a vast user base.
If the threat actor’s claims are legitimate, this zero-day vulnerability could allow an attacker to execute arbitrary code on a victim’s computer simply by getting them to open a specially crafted archive file. RCE is one of the most critical classes of vulnerability, as it can grant an attacker complete control over a compromised system, enabling them to steal data, install malware such as ransomware, or conduct further network intrusions. The seller noted that the transaction for the exploit would be conducted through a forum guarantor to secure the sale.












