{"document":{"acknowledgments":[{"urls":["https://kb.cert.org/vuls/id/976247#acknowledgements"]}],"category":"CERT/CC Vulnerability Note","csaf_version":"2.0","notes":[{"category":"summary","text":"### Overview\r\nMalformed ZIP headers can be used to obfuscate malicious content in ZIP files from antivirus detection tools. Despite the presence of malformed headers, custom extraction software can decompress the ZIP archive, allowing potentially malicious payloads to be recovered after successful antivirus evasion.   \r\n\r\n*After a review of the researcher's published PoC and further analysis of the case, we have determined that this issue does not meet the necessary criteria to be considered a vulnerability. The originally reported behavior was based on a misunderstanding of native archive-handling capabilities in common operating systems such as Windows and Linux. It was initially believed that native extraction tools could successfully decompress ZIP files with malformed headers, while EDRs and antivirus security tools would fail. After additional testing, we have determined that extraction is not possible through standard archiving tools, and recovering the payload would instead require a custom loader. Accordingly, this technique can be more accurately described as an obfuscation method, as it does not meaningfully violate any implicit or explicit security boundaries.*\r\n\r\n### Description\r\nZIP archives contain metadata such as compression method, flags, and version information. Antivirus engines typically rely on this metadata to determine how to preprocess files before scanning. If an attacker modifies the compression-method header field, antivirus software may fail to properly decompress the file and will, therefore, be unable to analyze the actual payload.\r\n\r\nAfter antivirus evasion, the payload can be recovered by using a custom loader that ignores the declared `Method` field and instead decompresses embedded data directly. 
This allows an attacker to hide malicious content from antivirus engines while still being able to recover it programmatically.\r\n\r\nNotably, standard extraction tools (e.g. 7‑Zip, unzip, bsdtar, Python’s zipfile) trust the declared compression method and attempt decompression but then fail with CRC or “unsupported method” errors. These tools do not extract the payload and do not expose the underlying data. \r\n\r\nThis vulnerability is similar to VU#968818, CVE-2004-0935 but requires unique unpacking tools to enable any abuse or misuse.\r\n\r\n### Impact\r\nThis ZIP header obfuscation method requires custom tooling to fully recover the concealed malicious content. The impact of this obfuscation technique is limited to systems where other security policies (e.g., running arbitrary unzipping tools) may need to be bypassed to enable such an attack. \r\n\r\n### Solution\r\nAntivirus and EDR vendors should consider alerting on such behavior to ensure their customers are aware of malformed headers in zip content. Users should not use third-party tools or custom unzip capabilities to allow malicious content to be installed on their systems. \r\n\r\n### Acknowledgements\r\nThanks to the reporter, Christopher Aziz. This document was written by Laurie Tyzenhaus.","title":"Summary"},{"category":"legal_disclaimer","text":"THIS DOCUMENT IS PROVIDED ON AN 'AS IS' BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. ","title":"Legal Disclaimer"},{"category":"other","text":"CERT/CC Vulnerability Note is a limited advisory. It primarily identifies vendors impacted by the advisory and not specific products. We only support \"known_affected\" and \"known_not_affected\" status. 
Please consult the vendor's statements and advisory URL if provided by the vendor for more details ","title":"Limitations of Advisory"},{"category":"other","text":"It has been confirmed that ClamAV is unable to scan this type of malformed zip file. However, this is not considered a vulnerability, but rather, a hardening suggestion. It will be taken into consideration for future releases.","title":"Vendor statement from Cisco"}],"publisher":{"category":"coordinator","contact_details":"Email: cert@cert.org, Phone: +1 412 268 5800","issuing_authority":"CERT/CC under DHS/CISA https://www.cisa.gov/cybersecurity also see https://kb.cert.org/ ","name":"CERT/CC","namespace":"https://kb.cert.org/"},"references":[{"url":"https://certcc.github.io/certcc_disclosure_policy","summary":"CERT/CC vulnerability disclosure policy"},{"summary":"CERT/CC document released","category":"self","url":"https://kb.cert.org/vuls/id/976247"},{"url":"https://github.com/bombadil-systems/zombie-zip","summary":"https://github.com/bombadil-systems/zombie-zip"},{"url":"https://kb.cert.org/vuls/id/968818","summary":"https://kb.cert.org/vuls/id/968818"},{"url":"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCws77013","summary":"Reference(s) from vendor \"Cisco\""}],"title":"Retraction of \"Antivirus and Endpoint Detection and Response Archive Scanning Engines may not properly scan malformed ZIP archives\"","tracking":{"current_release_date":"2026-03-24T20:27:38+00:00","generator":{"engine":{"name":"VINCE","version":"3.0.35"}},"id":"VU#976247","initial_release_date":"2004-12-10 00:00:00+00:00","revision_history":[{"date":"2026-03-24T20:27:38+00:00","number":"1.20260324202738.4","summary":"Released on 2026-03-24T20:27:38+00:00"}],"status":"final","version":"1.20260324202738.4"}},"vulnerabilities":[{"notes":[{"category":"general","text":"No vulnerabilities have been defined at this time for this report"}]}]}