Tag: type confusion

1 attack reports | 0 vulnerabilities

Attack reports

Unmasking CVE-2024-38178: The Silent Threat of Windows Scripting Engine

Published: October 17, 2024

CVE-2024-38178 is a type confusion vulnerability in JScript9.dll, patched by Microsoft in August 2024. It allows bypassing the CVE-2022-41128 patch through incorrect JIT engine optimizations. APT37, a North Korean threat group, exploited this vulnerability in June 2024 against South Korean targets.…

Downloadable IOCs 0

windows

vulnerability

zero-day

rokrat

remote code execution

CVE-2024-38178

2024-10-17

apt37

CVE-2022-41128

type confusion

jscript9.dll

» Click here to see all Attack Reports «