FILE-OTHER -- Snort detected traffic targeting vulnerabilities in a file type that does not require enough rule coverage to have its own category.
FILE-OTHER Microsoft Windows CLFS driver privilege escalation attempt
This rule looks for a maliciously crafted log file when loaded into the Windows common log file system drive and causes an escalation of privilege in the system, allowing an attacker to execute code with high privileges
What To Look For
This rule will alert when there's an attempt to exploit CVE-2022-24521
No public information
No known false positives
Cisco Talos Intelligence Group
MITRE ATT&CK Framework
Technique: User Execution
For reference, see the MITRE ATT&CK vulnerability types here:
Escalation of Privilege
An Escalation of Privilege (EOP) attack is any attack method that results in a user or application gaining permissions to access resources they normally would not have access to.
CVE Additional Information