The security researcher, goodbyeselene reported the flaw to the vendor, RARLAB, on June 8th, 2023.
The high-severity vulnerability, which was tracked as CVE-2023-40477 (CVSS score 7.8), has now been fixed.
The vulnerability can be exploited by hackers to create a RAR file.
The specific flaw exists within the processing of recovery volumes.
On August 2nd, 2023, RARLAB releasedWinRAR version 6.23to correct the vulnerability.
More details can be foundhere.
Meanwhile, all WinRAR users are strongly recommended to update to the aforementioned version as soon as possible.
source: www.techworm.net
