{"uuid": "deaf0253-a4cd-4576-9c71-22c1443e5f01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-20250", "type": "exploited", "source": "https://t.me/ExcreamOnSecurity/54", "content": "Analysis of a targeted attack exploiting the WinRAR CVE-2018-20250 vulnerability\n\nThe WinRAR vulnerability was discovered by Check Point researchers, who demonstrated in a February 20 blog post that a specially crafted ACE file (a type of compressed file) could allow remote code execution. Attackers quickly took advantage of the vulnerability in attacks, including a targeted attack that 360 Total Security researchers discovered just two days after disclosure. The exploit has since been observed in multiple malware attacks.\n\nhttps://www.microsoft.com/security/blog/2019/04/10/analysis-of-a-targeted-attack-exploiting-the-winrar-cve-2018-20250-vulnerability/\n#exploit #winrar", "creation_timestamp": "2019-04-14T19:55:30.000000Z"}