MALWARE-FILE-TRANSFER MSDT Vulnerability Related Payload

Rule ID

1231173

Severity

High

Description

The vulnerability of msdt.exe, it could be triggered by craft documents which include malicious external object load setting and cause RCE.

Impact

Remote code execution

Recommendation

Update vendor's patch.

IPS Category

Malware traffic

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

Reference

CVE-2022-30190

T1059.001

T1218

T1137.001

Keyword

Follina;Windows 10;Windows 11;Windows 7;Windows 8.1;Windows RT 8.1;Windows Server 2008;Windows Server 2012;Windows Server 2016;Windows Server 2019;

Created At

2022/05/31

Updated At

2022/06/08

This website uses cookies to ensure you get the best experience on our website.

Learn more