
Analysis of 7-Zip vulnerabilities: CVE-2025-11001 and CVE-2025-11002

ID: 8be2f432-f622-51f7-be9f-0c4f8b09bb45

STIX ID: report--8be2f432-f622-51f7-be9f-0c4f8b09bb45

Feed Name: ThreatLocker Blog

Threat Score: 70/100

Date Published: 2025-12-12

Date Updated: 2026-05-01


This advisory details two 7-Zip vulnerabilities, CVE-2025-11001 and CVE-2025-11002, in which improper handling of Linux symbolic links on Windows leads to path traversal during extraction of crafted ZIP files. This enables attackers to write files (including potentially malicious executables) to locations such as the Windows Startup folder and achieve code execution as a service account. Both issues are rated CVSS 7.0 and are resolved in 7-Zip 25.00. The report recommends least privilege, application control, and ThreatLocker-specific mitigations.
