Lucene search
K

8 matches found

CISA KEV Catalog
CISA KEV Catalog
added 2024/09/16 12:0 a.m.34 views

Microsoft Windows MSHTML Platform Spoofing Vulnerability

Microsoft Windows MSHTML Platform contains a user interface UI misrepresentation of critical information vulnerability that allows an attacker to spoof a web page. This vulnerability was exploited in conjunction with CVE-2024-38112...

8.8CVSS6.7AI score0.84345EPSS
In wildExploits0
The Hacker News
The Hacker News
added 2024/07/16 9:0 a.m.40 views

Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida Stealer

An advanced persistent threat APT group called Void Banshee has been observed exploiting a recently disclosed security flaw in the Microsoft MHTML browser engine as a zero-day to deliver an information stealer called Atlantida. Cybersecurity firm Trend Micro, which observed the activity in mid-Ma...

9.8CVSS9AI score0.99938EPSS
Exploits62
Trend Micro Simply Security
Trend Micro Simply Security
added 2024/07/15 12:0 a.m.64 views

CVE-2024-38112: Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks

Our threat hunters discovered CVE-2024-38112, which was used as a zero-day by APT group Void Banshee, to access and execute files through the disabled Internet Explorer using MSHTML. We promptly identified and reported this zero-day vulnerability to Microsoft, and it has been patched...

7.5CVSS7.1AI score0.84345EPSS
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2024/07/09 8:3 p.m.9 views

Patch Tuesday - July 2024

Microsoft is addressing 139 vulnerabilities this July 2024 Patch Tuesday, which is on the high side in terms of typical CVE counts. They’ve also republished details for 4 CVEs issued by other vendors that affect Microsoft products. Microsoft has evidence of in-the-wild exploitation for 2 of the...

9.9CVSS9.3AI score0.84345EPSS
Exploits8
Circl
Circl
added 2024/07/09 7:48 p.m.20 views

CVE-2024-38112

creationtimestamp| type| source ---|---|--- 2024-07-09 19:48:26+00:00| seen| https://t.me/cvedetector/390 2024-07-09 23:19:40+00:00| seen| https://t.me/ctinow/219966 2024-07-10 00:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2024-07-10 04:00:00+00:00| seen|...

7.5CVSS7AI score0.84345EPSS
Exploits0References42
NVD
NVD
added 2024/07/09 5:15 p.m.86 views

CVE-2024-38112

Windows MSHTML Platform Spoofing Vulnerability...

7.5CVSS0.84345EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/09 5:2 p.m.73 views

CVE-2024-38112 Windows MSHTML Platform Spoofing Vulnerability

...

7.5CVSS0.84345EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/07/09 12:0 a.m.46 views

CVE-2024-38112

Windows MSHTML Platform Spoofing Vulnerability Recent assessments: remmons-r7 at July 19, 2024 2:51pm UTC reported: Trend Micro reported this vulnerability to Microsoft after observing Void Banshee APT exploitation in the wild; the zero-day attack hinged on the premise that MHTML links would...

7.5CVSS8.2AI score0.84345EPSS
In wildExploits0References2
Rows per page
Query Builder