CVE-2022-47069

7.8 HIGH

📋 TL;DR

This vulnerability in p7zip 16.02 involves an out-of-bounds read in the ZIP archive parsing code. Attackers could potentially cause crashes or read unintended memory by tricking users into opening malicious ZIP archives. Anyone using p7zip 16.02 to extract ZIP files is affected.

💻 Affected Systems

Products:
  • p7zip
Versions: 16.02
Operating Systems: All platforms where p7zip runs (Linux, Windows, macOS)
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects ZIP archive processing; other archive formats are not vulnerable.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution leading to complete system compromise if combined with other vulnerabilities, though this is unlikely given the out-of-bounds read nature.

🟠 Likely Case

Application crash (denial of service) or information disclosure through memory leaks when processing specially crafted ZIP archives.

🟢 If Mitigated

Minimal impact with proper input validation and sandboxing; crashes contained within the application.

🌐 Internet-Facing: MEDIUM - Exploitation requires user interaction to open malicious archives, but p7zip is widely used for file extraction.
🏢 Internal Only: MEDIUM - Similar risk profile internally; depends on how frequently users extract untrusted ZIP files.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires user interaction to open malicious ZIP files. The vulnerability is an out-of-bounds read, not a buffer overflow as initially reported.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 16.03 and later

Vendor Advisory: https://sourceforge.net/p/p7zip/bugs/241/

Restart Required: No

Instructions:

1. Download the latest p7zip version from the official repository.
2. Uninstall the current version.
3. Install the new version following platform-specific instructions.

🔧 Temporary Workarounds

Disable ZIP extraction (platform: all)

Temporarily disable ZIP archive processing in p7zip if not needed.

# Not applicable - configuration dependent

Use alternative archive tools (platform: all)

Use other archive utilities like unzip, 7zip, or tar for ZIP files.

# Install alternative: sudo apt-get install unzip
# On Windows: Use built-in ZIP support or 7-Zip

🧯 If You Can't Patch

  • Restrict p7zip usage to trusted users only
  • Implement application whitelisting to prevent execution of p7zip on untrusted systems

🔍 How to Verify

Check if Vulnerable:

Check the p7zip version: `7z --version` or `p7zip --version`

Check Version:

7z --version | head -1

Verify Fix Applied:

Verify that the reported version is 16.03 or higher after the update.

📡 Detection & Monitoring

Log Indicators:

  • Application crashes when processing ZIP files
  • Memory access violation errors in system logs

Network Indicators:

  • Unusual network traffic following p7zip execution
  • Downloads of suspicious ZIP files

SIEM Query:

Process:name='7z' AND EventID=1000 (Application Crash)

🔗 References