WinRAR exploit enables attackers to run malicious code on your PC — critical vulnerability patched in latest beta update

A hacker holding an archive
(Image credit: Pexels / OpenClipArt)

A significant security exploit in WinRAR, the popular file archiver software, was recently reported via Trend Micro’s Zero Day Initiative. The directory traversal vulnerability identified as CVE-2025-6218 is said to take advantage of how a file compression tool handles directory paths within archive files, allowing remote attackers to execute arbitrary code by creating and distributing malicious archives.

Discovered by independent researcher ‘whs3-detonator,’ the vulnerability allows an attacker to run harmful code on a victim's computer. Although user interaction is necessary for the attack to be successful, the attacker can essentially manipulate the file paths handled by WinRAR during extraction. By doing so, they can trick the software to place files outside the intended folder, allowing potential access to restricted system directories.

Kunal Khullar
News Contributor

Kunal Khullar is a contributing writer at Tom’s Hardware.  He is a long time technology journalist and reviewer specializing in PC components and peripherals, and welcomes any and every question around building a PC.