Rule Library

Sigma Rules

1 rule found for "CVE-2022-26809"

3,731Total

3,132Detection

457Emerging

139Hunting

Filters

Type

Severity

Status

Product

Potential CVE-2022-26809 Exploitation Attempt

Detects suspicious remote procedure call (RPC) service anomalies based on the spawned sub processes (long shot to detect the exploitation of vulnerabilities like CVE-2022-26809)

WindowsProcess Creation

Florian Roth (Nextron Systems)Wed Apr 132022