In one of their first advisories released since taking responsibility for cybersecurity, NHS England Digital have warned of a critical cybersecurity vulnerability in the popular file compression software 7-Zip. The advisory, which dropped November 20, 2025, details a very serious vulnerability CVE-2025-11001. 7-Zip Version 21.02 added this vulnerability. The release of a public proof-of-concept exploit is serious enough that it has sparked large concern.
GMO Flatt Security Inc. security researcher Ryota Shiga uncovered a significant vulnerability. His most recent vulnerability report allows for remote code execution through improper handling of symbolic links in zip archives. This flaw is the basis for a directory traversal. It puts users on all Windows systems at extreme risk, as this one environment is the only one that can be exploited.
Exploit Details and Implications
NHS England Digital released an advisory warning that a public proof-of-concept exploit is available. They did reassure that there have not been any confirmed cases of active exploitation in the wild as of yet. The potential for misuse does exist, and it is always in the user’s best interest to practice all possible precautions.
“Active exploitation of CVE-2025-11001 has been observed in the wild,” – NHS England Digital
The advisory reiterates that exposure to this vulnerability is dependent on user context. Dominik, known as pacbypass, indicated that “this vulnerability can only be exploited from the context of an elevated user/service account or a machine with developer mode enabled.” This indicates that average users are more protected unless they have certain configurations in place—or certain privileges.
Mitigation Measures
The developers of 7-Zip quickly moved to address the security issues reported by CVE-2025-11001. In July 2025, they published version 25.00 to fix this fatal weakness and address an additional vulnerability CVE-2025-11002. The latter flaw, which has a CVSS score of 7.0, allows for remote code execution.
Our previously released Version 25.00 has very successfully mitigated risks associated with both vulnerabilities. It’s critical that users stay a step ahead and upgrade their software immediately to protect themselves.
Recommendations for Users
NHS England Digital is urging all users 7-Zip, especially version 21.0, to update to the latest version. Taking these steps now will mitigate against future catastrophes. The advisory serves as a reminder for individuals and organizations to maintain vigilant security practices, especially given the ongoing discovery of vulnerabilities in widely used software.