Platform: windows
Component: winrar
Fixed in: 5.61.1
CVE-2019-25677 describes a denial-of-service (DoS) vulnerability discovered in WinRAR. An attacker can trigger a crash by placing a specially crafted winrar.lng language file in the WinRAR installation directory, then opening an archive and pressing the test button. This vulnerability affects WinRAR version 5.61 and is mitigated by upgrading to a patched version.
This vulnerability allows a local attacker to crash the WinRAR application, potentially disrupting user workflows and causing data loss if unsaved operations are in progress. While the attack requires local access to the installation directory, this could be achieved through compromised user accounts or physical access to the system. The impact is primarily application-level denial of service, but repeated crashes could lead to frustration and reduced productivity. The attack leverages the application's handling of language files, exploiting a flaw in how it parses and processes the data, leading to an access violation.
CVE-2019-25677 was published on 2026-04-05. There is no indication of active exploitation or inclusion in the CISA KEV catalog. Public proof-of-concept (PoC) code is not widely available, suggesting a relatively low exploitation probability. The vulnerability's reliance on local access limits its potential for widespread exploitation.
Exploit Status
EPSS: 0.01% (3% percentile)
The primary mitigation for CVE-2019-25677 is to upgrade WinRAR to a patched version. As no specific fixed version is provided, users should check the official WinRAR website for the latest available release. If upgrading is not immediately feasible, restrict access to the WinRAR installation directory to prevent unauthorized modification of language files. Consider implementing application whitelisting policies to limit the execution of untrusted software. After upgrading, confirm the fix by opening an archive with a known malicious winrar.lng file in place (if available) and verifying that WinRAR does not crash.
Update WinRAR to a patched version. Version 5.61 is vulnerable; consult the vendor's website for the latest stable and secure version.
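One way to check a host for the conditions described above (installed version, presence of a winrar.lng file, and who can write to the installation directory). This is an added example, not code from the advisory or from the vendor; the default install path, the list of trusted SIDs, and the mapping of release 5.61 to file version 5.61.0 are assumptions.

```powershell
# Added example, not vendor code. Assumption: default install path under Program Files.
param([string]$InstallDir = (Join-Path $env:ProgramFiles 'WinRAR'))

$exe = Join-Path $InstallDir 'WinRAR.exe'
$lng = Join-Path $InstallDir 'winrar.lng'
if (-not (Test-Path -LiteralPath $exe)) {
    Write-Warning "WinRAR.exe not found in $InstallDir"
    return
}

# Principals expected to hold write access (assumed baseline): SYSTEM,
# BUILTIN\Administrators, NT SERVICE\TrustedInstaller. SIDs are locale-independent.
$trusted = 'S-1-5-18', 'S-1-5-32-544',
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'
# WriteData/CreateFiles (0x2), GENERIC_ALL, GENERIC_WRITE
$writeMask = 0x2 -bor 0x10000000 -bor 0x40000000

function Get-UntrustedWriter([string]$Path) {
    # Ask for rules keyed by SID so no name translation is needed.
    $sidType = [System.Security.Principal.SecurityIdentifier]
    (Get-Acl -LiteralPath $Path).GetAccessRules($true, $true, $sidType) |
        Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            ([int]$_.FileSystemRights -band $writeMask) -ne 0 -and
            ([int]$_.PropagationFlags -band 2) -eq 0 -and   # skip inherit-only ACEs
            $trusted -notcontains $_.IdentityReference.Value
        } | ForEach-Object { $_.IdentityReference.Value } | Sort-Object -Unique
}

# Assumption: the file version resource mirrors the release number (5.61 -> 5.61.0).
$vi = (Get-Item -LiteralPath $exe).VersionInfo
$lngExists = Test-Path -LiteralPath $lng

[pscustomobject]@{
    InstallDir      = $InstallDir
    Version         = '{0}.{1}.{2}' -f $vi.FileMajorPart, $vi.FileMinorPart, $vi.FileBuildPart
    IsListedVersion = ($vi.FileMajorPart -eq 5 -and $vi.FileMinorPart -eq 61 -and $vi.FileBuildPart -eq 0)
    DirWritableBy   = (Get-UntrustedWriter $InstallDir) -join ', '
    LngPresent      = $lngExists
    LngSha256       = if ($lngExists) { (Get-FileHash -LiteralPath $lng -Algorithm SHA256).Hash }
    LngLastWrite    = if ($lngExists) { (Get-Item -LiteralPath $lng).LastWriteTimeUtc }
    LngOwner        = if ($lngExists) { (Get-Acl -LiteralPath $lng).Owner }
    LngWritableBy   = if ($lngExists) { (Get-UntrustedWriter $lng) -join ', ' }
} | Format-List
```

A non-empty DirWritableBy or LngWritableBy value means a principal outside the assumed baseline can create or modify the language file and the directory ACL should be tightened.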
CVE-2019-25677 is a denial-of-service vulnerability in WinRAR 5.61 that allows a local attacker to crash the application by exploiting a malformed language file.
If you are using WinRAR version 5.61, you are potentially affected by this vulnerability. Upgrade to a patched version to mitigate the risk.
The recommended fix is to upgrade WinRAR to the latest available version from the official WinRAR website. Check for updates and install the newest release.
There is currently no evidence of active exploitation of CVE-2019-25677 in the wild, but it remains a potential risk.
Please refer to the official WinRAR website for information and updates regarding CVE-2019-25677 and available patches.