OS-WINDOWS -- Snort has detected traffic targeting vulnerabilities in a Windows-based operating system. This does not include browser traffic or other software on the OS, but attacks against the OS itself. (such as?)
OS-WINDOWS Microsoft Windows Common Log File System driver information disclosure attempt
This rule looks for a maliciously crafted file over the network that is able to cause an information disclosure when executed on a victim's computer.
This rule fires on attempts to exploit an information disclosure in the Windows Common Log File System Driver.
No public information
No known false positives
Cisco Talos Intelligence Group
MITRE::ATT&CK Framework::Enterprise::Execution::User Execution::Malicious File
MITRE::ATT&CK Framework::Enterprise::Privilege Escalation::Exploitation for Privilege Escalation
Vulnerability::Severity::High
Vulnerability::Severity::Critical
Vulnerability::Severity::Medium
Information Leak
Information Leakage happens when an attacker manipulates a system into revealing sensitive information, either through malformed input or by taking advantage of another feature of the system.
CVE-2023-36713 |
Loading description
|