{"uuid": "52aaaede-0f76-4e7e-a9d8-8804180f76bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38831", "type": "exploited", "source": "https://t.me/cKure/11777", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 A number of state-back threat actors from Russia and China have been observed exploiting a recent security flaw in the WinRAR archiver tool for Windows as part of their operations.\n\nThe vulnerability in question is CVE-2023-38831 (CVSS score: 7.8), which allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The shortcoming has been actively exploited since at least April 2023.\n\nhttps://thehackernews.com/2023/10/google-tag-detects-state-backed-threat.html", "creation_timestamp": "2023-10-19T05:28:08.000000Z"}