| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2025-0411 | 7-Zip Mark of the Web Bypass Vulnerability | exploitation_technique | T1566.001 | Spearphishing Attachment |
Comments
Attackers can double-archive malicious payloads with 7-Zip to bypass Windows's Mark-of-the-Web security feature, further allowing the bypassing of Microsoft Defender SmartScreen. This allows attackers to disseminate these payloads via methods like email attachments, which would normally be subject to additional scrutiny by the service's protective measures. This flaw was patched in 7-Zip version 24.09.
References
|
| CVE-2025-0411 | 7-Zip Mark of the Web Bypass Vulnerability | exploitation_technique | T1553.005 | Mark-of-the-Web Bypass |
Comments
Attackers can double-archive malicious payloads with 7-Zip to bypass Windows's Mark-of-the-Web security feature, further allowing the bypassing of Microsoft Defender SmartScreen. This allows attackers to disseminate these payloads via methods like email attachments, which would normally be subject to additional scrutiny by the service's protective measures. This flaw was patched in 7-Zip version 24.09.
References
|
| CVE-2025-0411 | 7-Zip Mark of the Web Bypass Vulnerability | primary_impact | T1588.001 | Malware |
Comments
Attackers can double-archive malicious payloads with 7-Zip to bypass Windows's Mark-of-the-Web security feature, further allowing the bypassing of Microsoft Defender SmartScreen. This allows attackers to disseminate these payloads via methods like email attachments, which would normally be subject to additional scrutiny by the service's protective measures. This flaw was patched in 7-Zip version 24.09.
References
|