CVE-2023-38831

GPTKB entity

Statements (19)
Predicate Object
gptkbp:instanceOf cybersecurity vulnerability
gptkbp:affects_software gptkb:WinRAR
gptkbp:attack_vector malicious archive file
gptkbp:citation https://nvd.nist.gov/vuln/detail/CVE-2023-38831
https://www.win-rar.com/start.html?&L=0
https://www.group-ib.com/blog/cve-2023-38831-winrar/
gptkbp:describes A vulnerability in WinRAR that allows attackers to execute arbitrary code when a user opens a specially crafted archive.
gptkbp:exploit_status actively exploited
gptkbp:hasCVSSScore 7.8
gptkbp:hasCWE gptkb:CWE-20_(Improper_Input_Validation)
https://www.w3.org/2000/01/rdf-schema#label CVE-2023-38831
gptkbp:impact remote code execution
gptkbp:patchedBy WinRAR 6.23
gptkbp:publicDisclosure 2023-08
gptkbp:publishedBy gptkb:MITRE
gptkbp:vulnerableTo gptkb:CVE-2023-38831
arbitrary code execution
gptkbp:bfsParent gptkb:APT3
gptkbp:bfsLayer 7