Tag: CVE-2024-38178

1 attack reports | 1 vulnerabilities

Attack reports

Unmasking CVE-2024-38178: The Silent Threat of Windows Scripting Engine

Published: October 17, 2024

CVE-2024-38178 is a type confusion vulnerability in JScript9.dll, patched by Microsoft in August 2024. It allows bypassing the CVE-2022-41128 patch through incorrect JIT engine optimizations. APT37, a North Korean threat group, exploited this vulnerability in June 2024 against South Korean targets.…

Downloadable IOCs 0

windows
vulnerability
zero-day
rokrat
remote code execution
CVE-2024-38178
2024-10-17
apt37
CVE-2022-41128
type confusion
jscript9.dll
» Click here to see all Attack Reports «

Vulnerabilities

CVE-2024-38178

7.5
Microsoft Windows
CWE-843
secure@microsoft.com
2024-08-13
CVE-2024-38178
Published: August 13, 2024
» Click here to see all Vulnerabilities «