CVE-2025-11002 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-11002 PUBLISHED CVSS 7 HIGH

This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Crafted data in a ZIP file can cause the process to traverse to unintended directories.

EPSS 0.11% · 29.4th percentile

Risk Scores

CVSS v3.0

7

CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

EPSS Score

0.11%

29.4th percentile

Affected Products

Vendor	Product	Versions
ABB	ABB 800xA History <=7.0
ABB	ABB 800xA for Symphony Plus Harmony <=6.2
ABB	ABB Production Response Batch History <=6.2
ABB	ABB Application Change Management <=6.2
ABB	ABB 800xA for AC 870P Melody <=6.2
ABB	ABB Batch Management <=6.2

Timeline

Oct 7, 2025 PoC Published
Oct 8, 2025 PoC Published
Oct 10, 2025 PoC Published
Oct 10, 2025 PoC Published
Oct 13, 2025 PoC Published
Oct 13, 2025 PoC Published
Oct 13, 2025 PoC Published
Oct 14, 2025 PoC Published
Oct 14, 2025 PoC Published
Oct 14, 2025 PoC Published
Oct 15, 2025 PoC Published
Oct 18, 2025 PoC Published

References

https://psirt.abb.com/csaf/2026/7paa023732.json advisory
https://search.abb.com/library/Download.aspx?DocumentID=7PAA023732&LanguageCode=en&DocumentPartId=&Action=Launch advisory
https://library.abb.com/d/3BDS011222D7000 advisory
https://library.abb.com/d/3BSE034463D7000 advisory
https://library.abb.com/d/3BSE037410D7000 advisory
https://library.abb.com/d/3BSE080520D7000 advisory
https://nvd.nist.gov/vuln/detail/CVE-2025-11002 advisory

Open in Interactive Console →