CVE-2023-40477

Vulnerability updated a year ago (2024-11-29T14:09:57.577Z)

Download STIX

Preview STIX

CVE-2023-40477 is a high-severity vulnerability discovered in the popular file compression software, WinRAR. This flaw in the software's design or implementation can be exploited by remote attackers to execute arbitrary code using specially crafted archive files. The vulnerability was addressed by the maintainer in June 2023 but was only publicly disclosed two months later in August 2023. Simultaneously, another critical Remote Code Execution (RCE) vulnerability, CVE-2023-38831, was identified and patched in August 2023 along with CVE-2023-40477. Both of these vulnerabilities presented significant risks as they could have allowed malicious actors to gain unauthorized access and control over affected systems. Details about CVE-2023-40477 were published on the Zero Day Initiative website, highlighting its potential for misuse. In a concerning development, research from Palo Alto Networks revealed that a cyberattacker known as "whalersplonk" had exploited the CVE-2023-40477 vulnerability. Utilizing the security bug in WinRAR, which was made public on August 17, the attacker leveraged this vulnerability to further their malicious activities. This incident underscores the importance of timely patching and software updates to mitigate such threats.

Description last updated: 2024-05-04T16:56:29.914Z

What's your take? (Question 1 of 3)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Vulnerability

WinRAR

Poc

RCE (Remote ...

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Source Document References

Information about the CVE-2023-40477 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
Securelist	a year ago	Analyzing the vulnerability landscape in Q1 2024
Malwarebytes	2 years ago	Android phones can be taken over remotely - update when you can \| Malwarebytes
CERT-EU	2 years ago	The mosaic of 2023's Software Supply Chain threats
BankInfoSecurity	2 years ago	Nation-State Hackers Exploiting WinRAR, Google Warns
CERT-EU	2 years ago	Google links WinRAR exploitation to Russian, Chinese state hackers
CERT-EU	2 years ago	State-sponsored APTs are leveraging WinRAR bug
CERT-EU	2 years ago	State-sponsored APTs are leveraging WinRAR bug - Help Net Security
CERT-EU	2 years ago	This Week In Security: Magic Packets, GPU.zip, And Enter The Sandman
CERT-EU	2 years ago	Cyber Security Today, Week in Review for the week ending Friday, Sept. 22, 2023 \| IT World Canada News
CERT-EU	2 years ago	Cyber Security Week in Review: September 22, 2023
CERT-EU	2 years ago	Fake WinRAR exploit drops VenomRAT
DARKReading	2 years ago	Fake WinRAR PoC Exploit Conceals VenomRAT Malware
CERT-EU	2 years ago	Fake WinRAR exploit PoC drops VenomRAT malware
CERT-EU	2 years ago	Fake WinRAR proof-of-concept exploit drops VenomRAT malware
CERT-EU	2 years ago	Fake PoC Script Used to Trick Researchers into Downloading VenomRAT
Unit42	2 years ago	Fake CVE-2023-40477 Proof of Concept Leads to VenomRAT
CERT-EU	2 years ago	Mageia 2023-0258: unrar security update \| LinuxSecurity.com
Quick Heal Technologies Ltd.	2 years ago	THREAT ADVISORY: Zero-Day Vulnerabilities Detected on WinRAR
CERT-EU	2 years ago	In Other News: Africa Cybercrime Crackdown, Unpatched macOS Flaw, Investor Disclosures
Naked Security	2 years ago	S3 Ep149: How many cryptographers does it take to change a light bulb?