VDB
CVE-2025-0411
CVE-2025-0411
PUBLISHED
KEV
CVSS 7 HIGH
This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
EPSS 46.72% · 97.7th percentile
Risk Scores
CVSS v3.1
7
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
EPSS Score
46.72%
97.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ABB | ABB Production Response Batch History <=6.2 | |
| ABB | ABB 800xA for Symphony Plus Harmony <=6.2 | |
| ABB | ABB Batch Management <=6.2 | |
| ABB | ABB 800xA History <=7.0 | |
| ABB | ABB Application Change Management <=6.2 | |
| ABB | ABB 800xA for AC 870P Melody <=6.2 |
Timeline
- Jan 21, 1970 VulnCheck XDB Entry
- Jan 21, 1970 VulnCheck XDB Entry
- Jan 21, 1970 VulnCheck XDB Entry
- Jan 19, 2025 PoC Published
- Jan 20, 2025 PoC Published
- Jan 20, 2025 CVE Published
- Jan 21, 2025 PoC Published
- Jan 21, 2025 PoC Published
- Jan 22, 2025 PoC Published
- Jan 22, 2025 PoC Published
- Jan 22, 2025 PoC Published
- Jan 22, 2025 PoC Published
References
- https://library.abb.com/d/3BSE080520D7000 advisory
- https://library.abb.com/d/3BSE037410D7000 advisory
- https://psirt.abb.com/csaf/2026/7paa023732.json advisory
- https://search.abb.com/library/Download.aspx?DocumentID=7PAA023732&LanguageCode=en&DocumentPartId=&Action=Launch advisory
- https://library.abb.com/d/3BDS011222D7000 advisory
- https://library.abb.com/d/3BSE034463D7000 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-0411 advisory