diff --git a/rules/windows/file_change/file_change_win_unusual_modification_by_dns_exe.yml b/rules/windows/file_change/file_change_win_unusual_modification_by_dns_exe.yml
index 67bfe529e..dbc9b5282 100644
--- a/rules/windows/file_change/file_change_win_unusual_modification_by_dns_exe.yml
+++ b/rules/windows/file_change/file_change_win_unusual_modification_by_dns_exe.yml
@@ -3,7 +3,7 @@ id: 9f383dc0-fdeb-4d56-acbc-9f9f4f8f20f3
 status: experimental
 author: Tim Rauch
 date: 2022/09/27
-description: Detects an unexpected file being modified by dns.exe which my indicate activity related to remote code execution or other forms of exploitation
+description: Detects an unexpected file being modified by dns.exe which my indicate activity related to remote code execution or other forms of exploitation as seen in CVE-2020-1350 (SigRed)
 references:
     - https://www.elastic.co/guide/en/security/current/unusual-file-modification-by-dns.exe.html
 tags: