NVD - CVE-2023-38831 (original) (raw)

Change History

9 change records found show changes

Modified Analysis by NIST 8/14/2024 11:28:44 AM

Action	Type	Old Value	New Value
Added	CWE		NIST CWE-345
Removed	CWE	NIST NVD-CWE-noinfo

CVE Modified by CISA-ADP 7/02/2024 9:40:53 PM

Action	Type	Old Value	New Value
Added	CVSS V3.1		CISA-ADP AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Added	CWE		CISA-ADP CWE-351

Modified Analysis by NIST 6/27/2024 2:47:24 PM

Action	Type	Old Value	New Value
Changed	Reference Type	http://packetstormsecurity.com/files/174573/WinRAR-Remote-Code-Execution.html No Types Assigned	http://packetstormsecurity.com/files/174573/WinRAR-Remote-Code-Execution.html Exploit, Third Party Advisory, VDB Entry
Changed	Reference Type	https://blog.google/threat-analysis-group/government-backed-actors-exploiting-winrar-vulnerability/ No Types Assigned	https://blog.google/threat-analysis-group/government-backed-actors-exploiting-winrar-vulnerability/ Exploit, Third Party Advisory

CVE Modified by MITRE 5/14/2024 9:22:23 AM

Action	Type	Old Value	New Value

CVE Modified by MITRE 10/22/2023 9:15:07 PM

Action	Type	Old Value	New Value
Changed	Description	RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.	RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.

CVE Modified by MITRE 10/18/2023 8:15:16 PM

Action	Type	Old Value	New Value
Changed	Description	RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through August 2023.	RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.
Added	Reference		https://blog.google/threat-analysis-group/government-backed-actors-exploiting-winrar-vulnerability/ [No Types Assigned]

CVE Modified by MITRE 9/08/2023 7:15:11 PM

Action	Type	Old Value	New Value
Added	Reference		http://packetstormsecurity.com/files/174573/WinRAR-Remote-Code-Execution.html [No Types Assigned]

Initial Analysis by NIST 8/29/2023 12:02:13 PM

Action	Type	Old Value	New Value
Added	CPE Configuration		OR cpe:2.3:a:rarlab:winrar::::::::* versions up to (excluding) 6.23
Added	CVSS V3.1		NIST AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Added	CWE		NIST NVD-CWE-noinfo
Changed	Reference Type	https://news.ycombinator.com/item?id=37236100 No Types Assigned	https://news.ycombinator.com/item?id=37236100 Issue Tracking, Third Party Advisory
Changed	Reference Type	https://www.bleepingcomputer.com/news/security/winrar-zero-day-exploited-since-april-to-hack-trading-accounts/ No Types Assigned	https://www.bleepingcomputer.com/news/security/winrar-zero-day-exploited-since-april-to-hack-trading-accounts/ Exploit, Third Party Advisory
Changed	Reference Type	https://www.group-ib.com/blog/cve-2023-38831-winrar-zero-day/ No Types Assigned	https://www.group-ib.com/blog/cve-2023-38831-winrar-zero-day/ Exploit, Third Party Advisory

CVE Modified by MITRE 8/23/2023 2:15:08 PM

Action	Type	Old Value	New Value
Added	Reference		https://news.ycombinator.com/item?id=37236100 [No Types Assigned]