Guidance for investigating attacks using CVE-2023-23397