Unmasking CVE-2024-38178: The Silent Threat of Windows Scripting Engine
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
CVE-2024-38178 is a type confusion vulnerability in JScript9.dll, patched by Microsoft in August 2024. It allows bypassing the CVE-2022-41128 patch through incorrect JIT engine optimizations. APT37, a North Korean threat group, exploited this vulnerability in June 2024 against South Korean targets. The exploit enables remote code execution on Windows systems. Affected software includes Microsoft Edge (IE mode) and media players using legacy WebView. The vulnerability stems from improper type validation in the JIT compiler, leading to arbitrary code execution. Mitigation involves updating Windows and disabling IE mode in Edge.
OPENCTI LABELS :
windows,remote code execution,zero-day,vulnerability,rokrat,cve-2022-41128,type confusion,jscript9.dll,apt37,cve-2024-38178
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
Unmasking CVE-2024-38178: The Silent Threat of Windows Scripting Engine