Most of us use WinRar for unzip RAR and ZIP files on our computers, ad like every other software in existence, this too, has its fair share of vulnerabilities. The most recent and most dangerous vulnerability, also known as CVE-2023-38831, has come in the limelight once again, as the Ukrainian National Security and Defense Council (NDSC) has now reported that a Russian State-Sponsored threat actor known as NOBELIUM is using this vulnerability to target foreign embassies.
Now, what exactly is the CVE-2023-38831 vulnerability within WinRar?
Unlike other vulnerabilities, which tend to be minor, CVE-2023-38831 is known to be a cut above the rest. By exploiting this vulnerability, the threat actors or other parties can install malicious code on the recipient’s computer, which in turn can cause serious mayhem. Some of the common malware that is being circulated using this vulnerability are info stealers, which are used to grab passwords, classified documents, and system information, among others.