OS-WINDOWS -- Snort has detected traffic targeting vulnerabilities in a Windows-based operating system. This does not include browser traffic or other software on the OS, but attacks against the OS itself.
OS-WINDOWS Windows Win32 Kernel subsystem elevation of privilege attempt
This rule looks for traffic that exploits the vulnerability outlined in CVE-2022-41113.
This rule alerts on initial exploit traffic.
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
No information provided