Tag: type confusion

1 Attack Reports | 0 Vulnerabilities

Attack reports

Unmasking CVE-2024-38178: The Silent Threat of Windows Scripting Engine

CVE-2024-38178 is a type confusion vulnerability in JScript9.dll, patched by Microsoft in August 2024. It allows bypassing the CVE-2022-41128 patch through incorrect JIT engine optimizations. APT37, a North Korean threat group, exploited this vulnerability in June 2024 against South Korean targets.…
windows
vulnerability
zero-day
rokrat
remote code execution
CVE-2024-38178
2024-10-17
apt37
CVE-2022-41128
type confusion
jscript9.dll
Published: October 17, 2024
Downloadable IOCs: 0
Click here to see more Attack Reports