Rule Library
Sigma Rules
2 rules found for "CVE-2023-40477"
3,731Total
3,132Detection
457Emerging
139Hunting
Emerging Threatlowtest
CVE-2023-40477 Potential Exploitation - .REV File Creation
Detects the creation of ".rev" files by WinRAR. Could be indicative of potential exploitation of CVE-2023-40477. Look for a suspicious execution shortly after creation or a WinRAR application crash.
WindowsFile Event
Nasreddine Bencherchali (Nextron Systems)Thu Aug 312023
Emerging Threatmediumtest
CVE-2023-40477 Potential Exploitation - WinRAR Application Crash
Detects a crash of "WinRAR.exe" where the version is lower than 6.23. This could indicate potential exploitation of CVE-2023-40477
Windowsapplication
Nasreddine Bencherchali (Nextron Systems)Thu Aug 312023