A vulnerability in WinRAR, the widely used file compression and archiving software for Windows, could allow remote attackers to execute arbitrary code on a user’s computer by exploiting a flaw in the processing of recovery volumes. The vulnerability, identified as CVE-2023-40477 with a CVSS score of 7.8, was reported to RARLAB on June 8th, 2023, by security researcher “goodbyeselene” from the Zero Day Initiative, explains Security Affairs.
Source: Heimdal Security Blog