Rule Library
Sigma Rules
3 rules found for "CVE-2023-23397"
3,731Total
3,132Detection
457Emerging
139Hunting
Emerging Threatlowtest
Outlook Task/Note Reminder Received
Detects changes to the registry values related to outlook that indicates that a reminder was triggered for a Note or Task item. This could be a sign of exploitation of CVE-2023-23397. Further investigation is required to determine the success of an exploitation.
WindowsRegistry Set
Nasreddine Bencherchali (Nextron Systems)Wed Apr 052023
Emerging Threatcriticaltest
CVE-2023-23397 Exploitation Attempt
Detects outlook initiating connection to a WebDAV or SMB share, which could be a sign of CVE-2023-23397 exploitation.
Windowssecurity
Robert LeeThu Mar 162023
Emerging Threatmediumtest
Potential CVE-2023-23397 Exploitation Attempt - SMB
Detects (failed) outbound connection attempts to internet facing SMB servers. This could be a sign of potential exploitation attempts of CVE-2023-23397.
Windowssmbclient-connectivity
Nasreddine Bencherchali (Nextron Systems)Wed Apr 052023