CVE-2025-29864 PUBLISHED

Assigner: krcert
Reserved: 12.03.2025 Published: 03.12.2025 Updated: 03.12.2025

Protection Mechanism Failure vulnerability in ESTsoft ALZip on Windows allows SmartScreen bypass.This issue affects ALZip: from 12.01 before 12.29.

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
CVSS Score: 6.2

Exploitability Metrics		Vulnerable System Impact Metrics		Subsequent System Impact Metrics
Attack Vector	Local	Confidentiality	None	Confidentiality	High
Attack Complexity	Low	Integrity	None	Integrity	High
Attack Requirements	None	Availability	None	Availability	High
Privileges Required	None
User Interaction	Active

CVSS 4.0

Vendor	ESTsoft
Product	ALZip
Versions	Default: unaffected affected from 12.01 to 12.29 (excl.)