CVE-2023-40477

ENISA EUVD: EUVD-2023-45048 ↗

✓ Confirmed 0-Day

Triaged: March 20, 2026 3 articles Published: 2024-05-03

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗

EPSS Score

Source: FIRST.org · 2026-05-23

91.89%

probability

This CVE has a 91.89% probability of being exploited in the next 30 days.

0% Top 99.7th percentile of all CVEs 100%

CVSS v3.0

Source: VulnerabilityLookup (CIRCL)

7.8

HIGH

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Description

VulnerabilityLookup (CNA)

RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of recovery volumes. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21233.

Affected Products

RARLAB

WinRAR

6.21

rarlab

winrar

RARLAB

WinRAR

6.21

Attack Intelligence

CWE-1285 CWE-129 · Improper Validation of Array Index CWE-20 · Improper Input Validation CWE-707 · Improper Neutralization

Exploits & PoC

wildptr-io/Winrar-CVE-2023-40477-POC

CVE-2023-40477 PoC by Wild-Pointer

24 2023-08-30

winkler-winsen/Scan_WinRAR

Scan for WinRAR files affected to CVE-2023-40477

0 2023-08-29

2 repos — triés par ⭐ Rechercher sur GitHub ↗

https://www.zerodayinitiative.com/advisories/ZDI-23-1152/

x_research-advisory

https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=232&cHash=c5bf79590657e32554c6683296a8e8aa

vendor-advisory

Signal Intelligence

Confidenceⓘ

85%

EPSS 91.89%

CVSS v3.0 7.8

Mentions 3

Last Seen Aug 23, 2023

CNA Information

CNA Assigner

zdi

CNA Title

RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability

Analyst Note

Article [1] explicitly states 'WinRAR zero-day exploited since April', confirming in-the-wild exploitation. The CVE-2023-40477 is from 2023 and demonstrates active attacks against real targets (trading accounts) with clear timing documentation of exploitation preceding broader disclosure.

Triage Info

Decided atMar 20, 2026

Published DateMay 03, 2024