{"vulnerability": "CVE-2024-38178", "sightings": [{"uuid": "c1d9d8ee-729e-408e-82ec-5c8a8b4632ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:57.000000Z"}, {"uuid": "936e4b76-587d-489c-9c5c-b0201a7f9d8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "seen", "source": "https://bsky.app/profile/lazarusholic.bsky.social/post/3lnxfasra2d27", "content": "", "creation_timestamp": "2025-04-29T13:30:25.160231Z"}, {"uuid": "58e6f74d-debe-459f-9843-74abb4b0e8cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1352", "content": "", "creation_timestamp": "2024-08-14T04:00:00.000000Z"}, {"uuid": "c7de242c-6777-4a66-a51a-f5ebd6955469", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "published-proof-of-concept", "source": "https://t.me/orderofsixangles/2477", "content": "Security Analysis of WeChat\u2019s MMTLS Encryption Protocol\n\nCoverage-guided Fuzzing as Online Stochastic Control\n\nDiscover Microsoft Browser 0-DAY (CVE-2024-38178)\n\ncontrol over the Outlook desktop application and therefore to the emails configured in it (Github)\n\nLet\u2019s Clone a Cloner - Part 2: You Have No Power Here (hardware hacking)\n\npersistence techniques for macOS\n\nAttacking the Samsung Galaxy A* Boot Chain\n\nMake Binwalk Fast Again - Rust Rewrite of Binwalk is in Beta", "creation_timestamp": "2024-10-16T04:17:16.000000Z"}, {"uuid": "86172738-3d1a-4d78-86c3-6392651bbf97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "exploited", "source": "https://t.me/cKure/13754", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Group123, after infiltrating an advertising company's server, deployed a backdoor using the IE 0day exploit CVE-2024-38178 within ad scripts. This strategy enables a zero-click attack as the ads are served, executing the malicious code without any user interaction.", "creation_timestamp": "2024-10-17T04:24:36.000000Z"}, {"uuid": "d28486b8-8eb8-4d8b-8388-fba3e6828806", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "published-proof-of-concept", "source": "https://t.me/ptescalator/59", "content": "\ud83d\udd26  \u041a\u0430\u043a \u043c\u044b \u043d\u0430\u0448\u043b\u0438 ITW-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f CVE-2024-38178\n\n\u0412 \u0440\u0430\u043c\u043a\u0430\u0445 \u0435\u0436\u0435\u043c\u0435\u0441\u044f\u0447\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430 \u0441\u0432\u0435\u0436\u0435\u0437\u0430\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043c\u044b \u0432 \u043a\u043e\u043c\u0430\u043d\u0434\u0435 ESC-VR \u043e\u0431\u0440\u0430\u0449\u0430\u0435\u043c \u043f\u0440\u0438\u0441\u0442\u0430\u043b\u044c\u043d\u043e\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e\u043c\u0435\u0447\u0435\u043d\u043d\u044b\u0435 \u043a\u0430\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435. \u0422\u0430\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0442\u0430\u043d\u043e\u0432\u044f\u0442\u0441\u044f \u043d\u0430\u0448\u0435\u0439 \u0433\u043b\u0430\u0432\u043d\u043e\u0439 \u0446\u0435\u043b\u044c\u044e, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0435\u0441\u043b\u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u043a\u0430\u043a\u0430\u044f \u0431\u044b \u0442\u043e \u043d\u0438 \u0431\u044b\u043b\u043e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u0445. \n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-38178 \u2014 \u044d\u0442\u043e \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u0442\u0438\u043f\u0430 Type Confusion (CWE-843). \u0413\u043e\u0432\u043e\u0440\u044f \u043f\u043e-\u043f\u0440\u043e\u0441\u0442\u043e\u043c\u0443: \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f, \u043a\u043e\u0433\u0434\u0430 \u043e\u0431\u043b\u0430\u0441\u0442\u044c \u043f\u0430\u043c\u044f\u0442\u0438, \u0437\u0430\u043d\u0438\u043c\u0430\u0435\u043c\u0430\u044f \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u043c \u0442\u0438\u043f\u0430 A, \u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043a\u043e\u0434\u043e\u043c \u043a\u0430\u043a \u043e\u0431\u044a\u0435\u043a\u0442 \u0442\u0438\u043f\u0430 B.\n\n\u041f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0432 \u043f\u0430\u0442\u0447, \u043c\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0441\u0434\u0435\u043b\u0430\u043d\u044b \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438, \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0449\u0435\u0439 \u0437\u0430 \u043e\u043f\u0442\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u044e \u0440\u0430\u0431\u043e\u0442\u044b \u0441 \u043c\u0430\u0441\u0441\u0438\u0432\u0430\u043c\u0438, \u0432 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 GlobOpt::OptArraySrc. \u041f\u043e\u0441\u043b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0430\u0441\u044c \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0430 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0438, \u043a\u043e\u0433\u0434\u0430 \u043e\u043f\u0442\u0438\u043c\u0438\u0437\u0430\u0442\u043e\u0440 \u043d\u0435 \u0437\u0430\u043c\u0435\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u0438\u043d\u043e\u0433\u0434\u0430 \u0442\u0438\u043f \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u043c\u043e\u0436\u0435\u0442 \u0438\u0437\u043c\u0435\u043d\u044f\u0442\u044c\u0441\u044f \u0432 runtime.\n\n\u0415\u0441\u043b\u0438 \u0432\u044b \u0441\u043b\u0435\u0434\u0438\u0442\u0435 \u0437\u0430 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c\u044e Google ProjectZero \u0442\u0430\u043a \u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e, \u043a\u0430\u043a \u0438 \u043c\u044b, \u0442\u043e \u0432\u044b \u0443\u0436\u0435 \u043e\u0431\u043e \u0432\u0441\u0435\u043c \u0434\u043e\u0433\u0430\u0434\u0430\u043b\u0438\u0441\u044c \ud83d\ude09\n\n\u0424\u0443\u043d\u043a\u0446\u0438\u044f GlobOpt::OptArraySrc \u0443\u0436\u0435 \u0444\u0438\u0433\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u0432 ITW-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0435, \u0430 \u0438\u043c\u0435\u043d\u043d\u043e \u0432 \u043f\u043e\u0441\u0442\u0435, \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0449\u0435\u043c CVE-2022-41128. \n\n\u0412 \u043f\u043e\u0441\u0442\u0435 \u0435\u0441\u0442\u044c PoC, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e CVE-2022\u201341128. \u0412\u0437\u044f\u0432 \u0438\u0437 \u043d\u0435\u0433\u043e \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0435 \u0441\u0442\u0440\u043e\u043a\u0438, \u043c\u044b \u043f\u0440\u043e\u0432\u0435\u043b\u0438 \u043f\u043e\u0438\u0441\u043a \u0432 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 \u0438 \u043f\u0440\u0438\u0432\u0430\u0442\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0430\u0445 \u043f\u043e \u0444\u0430\u0439\u043b\u0430\u043c, \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u043c \u043d\u0435\u0434\u0430\u0432\u043d\u043e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u043f\u043e\u0434\u0441\u0442\u0440\u043e\u043a\u0438:\n\n\u2022 6E6577204F626A656374287B0D0A20 \n\u2022 206E657720496E7433324172726179\n\n\u041c\u044b \u043d\u0430\u0448\u043b\u0438 \u0432\u0441\u0435\u0433\u043e \u043e\u0434\u0438\u043d \u0444\u0430\u0439\u043b. \u041e\u043d \u0431\u044b\u043b \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d \u0438\u0437 KR, \u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0432 \u044d\u0442\u043e\u0439 \u0441\u0442\u0440\u0430\u043d\u0435, \u043e \u0447\u0435\u043c \u043a\u043e\u0441\u0432\u0435\u043d\u043d\u043e \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u0438\u0437 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0438 Microsoft. \n\n\u041f\u0440\u043e\u0433\u043d\u0430\u0432 \u0444\u0430\u0439\u043b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0441 \u043f\u0430\u0442\u0447\u0435\u043c \u0438 \u0431\u0435\u0437 \u043d\u0435\u0433\u043e, \u043c\u044b \u0431\u044b\u0441\u0442\u0440\u043e \u043f\u043e\u043d\u044f\u043b\u0438, \u0447\u0442\u043e \u044d\u0442\u043e \u0438\u043c\u0435\u043d\u043d\u043e \u0442\u043e, \u0447\u0442\u043e \u043c\u044b \u0438\u0441\u043a\u0430\u043b\u0438. \u0412 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u0441\u0445\u043e\u0436\u0435\u0441\u0442\u044c\u044e \u0441 CVE-2022-41128 \u043c\u044b \u0441\u0447\u0438\u0442\u0430\u0435\u043c, \u0447\u0442\u043e \u0438 \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u0447\u0435\u0440\u0435\u0437 \u0444\u0430\u0437\u0437\u0438\u043d\u0433, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u043b\u0441\u044f \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c PoC \u0434\u043b\u044f CVE-2022-41128 \u0438 CVE-2021-34480.\n\n\u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044e, \u043a\u043e\u0433\u0434\u0430 JIT-\u043a\u043e\u043c\u043f\u0438\u043b\u044f\u0442\u043e\u0440 \u0443\u0431\u0435\u0436\u0434\u0435\u043d, \u0447\u0442\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u0430\u044f X \u0438\u043c\u0435\u0435\u0442 \u0442\u0438\u043f js::TypedArray, \u043d\u043e \u043d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 X \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 Y \u0442\u0438\u043f\u0430 js::DynamicObj. \u0414\u0430\u043b\u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043f\u043e \u0438\u043d\u0434\u0435\u043a\u0441\u0443 4, 11, 12, \u0447\u0442\u043e\u0431\u044b \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0435 \u043f\u043e\u043b\u044f \u043c\u0430\u0441\u0441\u0438\u0432\u0430 js::JavaScriptNativeArray, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e\u0441\u044f \u0432 \u043e\u0434\u043d\u043e\u043c \u0438\u0437 \u0441\u0432\u043e\u0439\u0441\u0442\u0432 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f Y. \u041c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u043f\u043e\u043b\u044f \u0445\u0440\u0430\u043d\u044f\u0442 \u0440\u0430\u0437\u043c\u0435\u0440 \u043c\u0430\u0441\u0441\u0438\u0432\u0430. \n\n\u0412 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u044d\u0442\u043e\u0433\u043e \u043c\u0430\u0441\u0441\u0438\u0432\u0430 \u0434\u043b\u044f \u0442\u043e\u0433\u043e, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0438\u043c\u0438\u0442\u0438\u0432\u044b \u043d\u0430 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u0438 \u0447\u0442\u0435\u043d\u0438\u0435. \u0414\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0437\u0430\u043d\u044f\u043b\u043e \u0431\u044b \u043d\u0435\u043f\u0440\u0438\u043b\u0438\u0447\u043d\u043e \u043c\u043d\u043e\u0433\u043e \u043c\u0435\u0441\u0442\u0430 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043f\u043e\u0441\u0442\u0430, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 stay tunned \u0438 happy hunting \ud83d\ude42\n\nYARA-\u043f\u0440\u0430\u0432\u0438\u043b\u043e (\u043d\u0430 \u0444\u0430\u0439\u043b):\n\n\nrule exploit_CVE_2024_38178 {\n      strings:\n          $a = { 6E6577204F626A656374287B0D0A20 }\n          $b = { 206E657720496E7433324172726179 } \n     condition:\n           all of them\n}\n\n\nIoCs:\n\n\nSHA256: 736092B71A9686FDE43D3C4ABD941A6774721B90B17D946C9D05AF19C84DF0A4\n\n\n\nhttp://img[.]mobonad[.]com/images/20230912/43\n\n\n#escvr #itw #jscript9 #reverse\n@ptescalator", "creation_timestamp": "2024-09-09T12:43:50.000000Z"}, {"uuid": "625d84e1-b427-4346-884d-056d6844ac16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "seen", "source": "https://t.me/kasperskyb2b/1373", "content": "\ud83d\udea8 \u0428\u0435\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 0day \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0441\u044e\u0440\u043f\u0440\u0438\u0437\u044b \u0430\u0432\u0433\u0443\u0441\u0442\u043e\u0432\u0441\u043a\u043e\u0433\u043e patch tuesday\n\n\u0410\u0441\u0442\u0440\u043e\u043b\u043e\u0433\u0438 \u043e\u0431\u044a\u044f\u0432\u043b\u044f\u044e\u0442 \u043d\u0435\u0434\u0435\u043b\u044e \u043f\u0430\u0442\u0447\u0438\u043d\u0433\u0430 \u2014 \u043a\u0440\u043e\u043c\u0435 \u043f\u0430\u043a\u0435\u0442\u0430 \u0432\u0430\u0436\u043d\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u043e\u0442 Microsoft, \u0431\u043e\u043b\u044c\u0448\u0438\u043c \u0431\u0443\u043a\u0435\u0442\u043e\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0440\u0430\u0437\u0440\u0430\u0437\u0438\u043b\u0438\u0441\u044c Adobe \u0438 SAP.\n\nMicrosoft \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 86 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445, \u043d\u043e \u0432\u043d\u0435\u043f\u043b\u0430\u043d\u043e\u0432\u044b\u0445 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439 \u0441 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e patch tuesday \u0431\u044b\u043b\u043e \u043c\u043d\u043e\u0433\u043e, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0432\u0441\u0435\u0433\u043e \u0441 \u0438\u044e\u043b\u044f \u043d\u0430\u0431\u0435\u0436\u0430\u043b\u043e \u0430\u0436 130 CVE.\n\n\u041e\u0434\u0438\u043d 0day \u043d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u0437\u0430\u043a\u0440\u044b\u043b\u0438 \u0432 \u0438\u044e\u043d\u0435, \u043d\u043e \u0437\u0430\u0431\u044b\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043d\u0435\u0433\u043e \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c. \ud83e\udd26\u200d\u2642\ufe0f\n\u042d\u0442\u043e CVE-2024-38213, \u043e\u0431\u0445\u043e\u0434 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0439 SmartScreen, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0441 \u043c\u0430\u0440\u0442\u0430.\n\n\u0414\u0440\u0443\u0433\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u0434\u0435\u0444\u0435\u043a\u0442\u044b: \n\n\ud83d\udfe3 CVE-2024-38178, RCE \u0432 scripting engine, \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u0441\u0441\u044b\u043b\u043a\u0430 \u0434\u043e\u043b\u0436\u043d\u0430 \u0431\u044b\u0442\u044c \u043e\u0442\u043a\u0440\u044b\u0442\u0430 \u0432 Internet Explorer mode;\n\ud83d\udfe3 CVE-2024-38193, EoP \u0447\u0435\u0440\u0435\u0437 AFD for Winsock;\n\ud83d\udfe3 CVE-2024-38106 \u0438 -38107, EoP \u0434\u043e system \u0447\u0435\u0440\u0435\u0437 \u044f\u0434\u0440\u043e Windows \u0438 power dependency coordinator \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e;\n\ud83d\udfe3 RCE \u0432 MS Project CVE-2024-38189.\n\n\ud83d\udd50 \u0415\u0449\u0451 \u0447\u0435\u0442\u044b\u0440\u0435 0day \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f \u043a \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c, \u043d\u043e \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u043c \u2014 \u044d\u0442\u043e \u0434\u0435\u0444\u0435\u043a\u0442\u044b, \u043e\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0435 \u0432 \u0430\u0442\u0430\u043a\u0435 Windows Downdate, RCE \u0432 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0435\u043c Line Printer Daemon  \u0438 \u0434\u0435\u0444\u0435\u043a\u0442 MS Office, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0438\u0439 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0445\u044d\u0448\u0435\u0439 NTLM.\n\n \u0412\u0441\u0435\u0433\u043e \u0438\u0437 86 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432, \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 patch tuesday, 7 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0440\u0430\u043d\u0433 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445, 64 \u2014 \u0432\u044b\u0441\u043e\u043a\u043e\u0439, 15 \u2014 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0432\u0430\u0436\u043d\u043e\u0441\u0442\u0438. 35 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 28 \u2014 RCE, 6 \u2014 DoS, 4 \u2014 \u043e\u0431\u0445\u043e\u0434\u0443 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 7 \u2014 \u0443\u0442\u0435\u0447\u043a\u0430\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u27a1\ufe0f\n\nAdobe \u043e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u0439 \u043f\u0430\u043a\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0441\u0432\u043e\u0438\u0445 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432.\n\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0432 Acrobat Reader \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043e 12 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432, \u0438\u0437 \u043d\u0438\u0445 8 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445. \u0421\u0443\u0434\u044f \u043f\u043e \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u043c \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u043d\u043e\u0441\u0442\u044f\u043c \u0432 \u0441\u0442\u043e\u0440\u043e\u043d\u0443 Cisco Talos \u0438 Checkpoint, \u043c\u0438\u043d\u0438\u043c\u0443\u043c 4 \u0434\u044b\u0440\u044b \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432\u0436\u0438\u0432\u0443\u044e.\n\n23 \u0434\u0435\u0444\u0435\u043a\u0442\u0430 \u0432 Adobe Commerce (\u0432 \u0434\u0435\u0432\u0438\u0447\u0435\u0441\u0442\u0432\u0435 Magento) \u0442\u043e\u0436\u0435 \u043d\u0430\u043c\u0435\u043a\u0430\u044e\u0442 \u043d\u0430 \u0441\u0440\u043e\u0447\u043d\u043e\u0441\u0442\u044c \u043f\u0430\u0442\u0447\u0438\u043d\u0433\u0430: 7 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2024-39397 (CVSS 9.0) \u2014 RCE \u0438\u0437-\u0437\u0430 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u0430 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c. \n\n\u27a1\ufe0f\n\nSAP \u0432 \u0441\u0432\u043e\u0435\u043c \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 17 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f  CVE-2024-41730 \u0441\u043e \u0441\u043a\u0440\u043e\u043c\u043d\u044b\u043c CVSS 9.8 \u2014 \u044d\u0442\u043e\u0442 \u0434\u0435\u0444\u0435\u043a\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0446\u0435\u043b\u0438\u043a\u043e\u043c \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0432  SAP BusinessObjects 430 \u0438 440 \u0438 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0434\u0438\u0441\u0442\u0430\u043d\u0446\u0438\u043e\u043d\u043d\u043e.\n \n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #\u043f\u0430\u0442\u0447\u0438 #microsoft @\u041f2\u0422", "creation_timestamp": "2024-08-14T12:33:33.000000Z"}, {"uuid": "454b4951-7345-450d-914e-45fd6fbd31b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "published-proof-of-concept", "source": "Telegram/8__HnYJIKaChS5iJl8e8Mk1xPAfziGRDros1IGnT0yvGXLsu", "content": "", "creation_timestamp": "2024-10-20T20:18:44.000000Z"}, {"uuid": "88ad70f6-f381-4c86-be00-55ddbf0488b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/23707", "content": "The Hacker News\nNorth Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware\n\nThe North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known as RokRAT.\nThe vulnerability in question is CVE-2024-38178 (CVSS score: 7.5), a memory corruption bug in the Scripting Engine that could result in remote code execution when using the Edge browser in Internet Explorer Mode.", "creation_timestamp": "2024-10-16T15:11:10.000000Z"}, {"uuid": "896ea496-0cab-4684-92ee-c0197cd942b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "seen", "source": "https://t.me/true_secator/6090", "content": "\u041f\u043e\u0434\u043a\u0430\u0442\u0438\u043b \u0443\u0432\u0435\u0441\u0438\u0441\u0442\u044b\u0439 PatchTuesday \u043e\u0442 Microsoft \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438\u00a090 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0432\u043e\u0441\u0435\u043c\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, 79 - \u00ab\u0432\u0430\u0436\u043d\u044b\u0445\u00bb \u0438 10 0-day.\n\n\u0412 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e 36 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 EoP, 4 - \u043e\u0431\u0445\u043e\u0434\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 28 - RCE, 8 - \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 6 - DoS \u0438 7 - \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u0430.\n\n\u0418\u0437 10 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 Patch Tuesday \u043d\u0443\u043b\u0435\u0439 \u0448\u0435\u0441\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u0442\u0440\u0438 \u0431\u044b\u043b\u0438 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b \u0438 \u0435\u0449\u0435 \u043e\u0434\u0438\u043d \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f  \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442, \u043d\u043e Microsoft \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043d\u0430\u0434 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c.\n\n\u0412 \u0447\u0438\u0441\u043b\u043e \u0448\u0435\u0441\u0442\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u043d\u0443\u043b\u0435\u0439 \u0432\u043e\u0448\u043b\u0438:\n\n- CVE-2024-38178: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432\u043e\u0433\u043e \u0434\u0432\u0438\u0436\u043a\u0430. \u0414\u043b\u044f \u0430\u0442\u0430\u043a\u0438 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f, \u0447\u0442\u043e\u0431\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043a\u043b\u0438\u0435\u043d\u0442 \u0449\u0435\u043b\u043a\u043d\u0443\u043b \u0441\u0441\u044b\u043b\u043a\u0443 \u0432 Microsoft Edge \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 Internet Explorer, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u0442\u044c RCE. \u041f\u041e \u0434\u0430\u043d\u043d\u044b\u043c NCSC \u042e\u0436\u043d\u043e\u0439 \u041a\u043e\u0440\u0435\u0438 \u0438 AhnLab, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043f\u0440\u0438 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n- CVE-2024-38193: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u0432\u0441\u043f\u043e\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 Windows \u0434\u043b\u044f WinSock, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 SYSTEM. \u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0430 Gen Digital, \u043d\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f Microsoft \u043d\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0430\u0435\u0442.\n\n- CVE-2024-38213: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Windows Mark of the Web, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0431\u0445\u043e\u0434\u044f\u0442 \u043e\u043f\u043e\u0432\u0435\u0449\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430\u00a0\u0432 \u0440\u0430\u043c\u043a\u0430\u0445 Trend Micro\u2019s Zero Day Initiative, \u043d\u043e \u043e\u0431\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0430\u044e\u0442\u0441\u044f.\n\n- CVE-2024-38106: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430 Windows, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a EoP. \u0414\u043b\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0433\u043e\u043d\u043a\u0438. Microsoft \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430, \u043a\u0442\u043e \u0438\u043c\u0435\u043d\u043d\u043e \u0435\u0435 \u043d\u0430\u0448\u0435\u043b \u0438 \u043a\u0430\u043a \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430.\n\n- CVE-2024-38107: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Windows Power Dependency Coordinator. \u0410\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u043e \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043d\u0435\u0442.\n\n- CVE-2024-38189: RCE-\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Microsoft Project. \u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0436\u0435\u0440\u0442\u0432\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b Microsoft Office Project \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0433\u0434\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0430 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043c\u0430\u043a\u0440\u043e\u0441\u043e\u0432 \u0432 \u0444\u0430\u0439\u043b\u0430\u0445 Office \u0438\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0438 \u043d\u0435 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u044b \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u0439 \u043e \u043c\u0430\u043a\u0440\u043e\u0441\u0430\u0445 VBA. \u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u0442\u0430\u043a\u0436\u0435 \u043d\u0435\u0442.\n\n\u0412 \u0447\u0438\u0441\u043b\u0435 \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439:\n\n- CVE-2024-38199: RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Windows Line Printer Daemon (LPD). \u041d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0435 \u0437\u0430\u0434\u0430\u043d\u0438\u0435 \u043f\u0435\u0447\u0430\u0442\u0438 \u0432 \u043e\u0431\u0449\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0441\u043b\u0443\u0436\u0431\u0443 LPD \u043f\u043e \u0441\u0435\u0442\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f RCE \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435.\n\n- CVE-2024-21302: EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430 Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0430\u0442\u0430\u043a\u043e\u0439 Windows Downdate.\n\n- CVE-2024-38200: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Microsoft Office, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0432\u0448\u0430\u044f \u043a\u0440\u0430\u0441\u0442\u044c \u0445\u044d\u0448\u0438 NTLM.\n\n- CVE-2024-38202: EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0442\u0435\u043a\u0430 \u0426\u0435\u043d\u0442\u0440\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0430\u0442\u0430\u043a\u043e\u0439 Windows Downdate. \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u043f\u0435\u0440\u0435\u0447\u0435\u043d\u044c \u0441 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u0438 \u043a\u0430\u0436\u0434\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u0438\u0441\u0442\u0435\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 - \u0437\u0434\u0435\u0441\u044c.", "creation_timestamp": "2024-08-14T12:17:01.000000Z"}, {"uuid": "a3187bff-0ba7-464d-b810-c2218c0565c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "published-proof-of-concept", "source": "https://t.me/S_E_Reborn/5172", "content": "Security Analysis of WeChat\u2019s MMTLS Encryption Protocol\n\nCoverage-guided Fuzzing as Online Stochastic Control\n\nDiscover Microsoft Browser 0-DAY (CVE-2024-38178)\n\ncontrol over the Outlook desktop application and therefore to the emails configured in it (Github)\n\nLet\u2019s Clone a Cloner - Part 2: You Have No Power Here (hardware hacking)\n\npersistence techniques for macOS\n\nAttacking the Samsung Galaxy A* Boot Chain\n\nMake Binwalk Fast Again - Rust Rewrite of Binwalk is in Beta", "creation_timestamp": "2024-10-16T19:14:43.000000Z"}, {"uuid": "462f2b90-89d1-458b-ae65-228807b6488e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "seen", "source": "", "content": "", "creation_timestamp": "2024-10-18T12:31:47.025427Z"}, {"uuid": "e8cd5c39-4f24-45dd-9d18-006a853d2662", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/062f6323-a330-4bba-a9f4-b9a1f43ff238", "content": "", "creation_timestamp": "2026-02-02T12:26:32.005492Z"}, {"uuid": "a137f70a-4ec9-456b-a5f9-25b2362a4c7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8832", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-21413 | Microsoft Outlook Remote Code Execution Vulnerability PoC\nURL\uff1ahttps://github.com/uixss/PoC-CVE-2024-38178\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-24T15:03:50.000000Z"}, {"uuid": "e042d817-07cd-465e-ab81-023c9ccfd206", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "seen", "source": "https://t.me/cvedetector/3072", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38178 - ASP.NET Scripting Engine Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-38178 \nPublished : Aug. 13, 2024, 6:15 p.m. | 43\u00a0minutes ago \nDescription : Scripting Engine Memory Corruption Vulnerability \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-13T21:18:40.000000Z"}, {"uuid": "3be513ec-7774-44e4-91ca-279263be1896", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "seen", "source": "Telegram/XNIS_obyggIvZBISVDpKIBYVZHmfAuPOxuHts-S0Hqw10A", "content": "", "creation_timestamp": "2024-10-16T15:12:25.000000Z"}, {"uuid": "7e39b3cf-44db-4678-b267-0c09f6fa4cdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "exploited", "source": "https://t.me/KomunitiSiber/2727", "content": "North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware\nhttps://thehackernews.com/2024/10/north-korean-scarcruft-exploits-windows.html\n\nThe North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known as RokRAT.\nThe vulnerability in question is CVE-2024-38178 (CVSS score: 7.5), a memory corruption bug in the Scripting Engine that could result in remote code execution when using the Edge browser in Internet Explorer Mode.", "creation_timestamp": "2024-10-16T16:21:29.000000Z"}, {"uuid": "baa7a274-661e-4af5-a2d7-7ea7ec5115cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "seen", "source": "https://infosec.exchange/users/0patch/statuses/113505216443619015", "content": "", "creation_timestamp": "2024-11-18T17:49:16.796340Z"}, {"uuid": "67b6e869-d7f9-456f-9d0f-c83220f20aa6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/062f6323-a330-4bba-a9f4-b9a1f43ff238", "content": "", "creation_timestamp": "2026-02-02T12:26:32.005492Z"}, {"uuid": "6d19855d-d67d-4511-ad4b-117ff5b978db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "seen", "source": "https://t.me/hackyourmom/9406", "content": "\u2139\ufe0f \u041f\u0456\u0432\u043d\u0456\u0447\u043d\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u044c\u043a\u0430 \u0445\u0430\u043a\u0435\u0440\u0441\u044c\u043a\u0430 \u0433\u0440\u0443\u043f\u0430 APT37 \u0437\u0434\u0456\u0439\u0441\u043d\u0438\u043b\u0430 \u0430\u0442\u0430\u043a\u0443 \u043d\u0430 \u0440\u0435\u043a\u043b\u0430\u043c\u043d\u0443 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443, \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u0430\u0432\u0448\u0438 \u0443\u0440\u0430\u0437\u043b\u0438\u0432\u0456\u0441\u0442\u044c \u043d\u0443\u043b\u044c\u043e\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 Internet Explorer.\n\n\ud83d\udcbb \u0423\u0440\u0430\u0437\u043b\u0438\u0432\u0456\u0441\u0442\u044c, \u0456\u0434\u0435\u043d\u0442\u0438\u0444\u0456\u043a\u043e\u0432\u0430\u043d\u0430 \u044f\u043a CVE-2024-38178, \u0434\u043e\u0437\u0432\u043e\u043b\u044f\u0454 \u0432\u0438\u043a\u043e\u043d\u0443\u0432\u0430\u0442\u0438 \u0434\u043e\u0432\u0456\u043b\u044c\u043d\u0438\u0439 \u043a\u043e\u0434 \u0447\u0435\u0440\u0435\u0437 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 WebView \u0443 Edge, \u044f\u043a\u0438\u0439 \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u043e\u0432\u0443\u0454 \u043c\u0435\u0445\u0430\u043d\u0456\u0437\u043c Internet Explorer \ud83c\udf10 #cybernews", "creation_timestamp": "2024-10-21T14:19:35.000000Z"}, {"uuid": "e649b17d-a9f8-4d43-b367-999172d1a89e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "exploited", "source": "Telegram/nBaB3bc5SV5HawdwCCYGhpBEzFUH_l1sB8zRxJTk0L5jiA", "content": "", "creation_timestamp": "2024-10-16T16:21:55.000000Z"}, {"uuid": "3d25d810-6bc8-4d9d-b0dd-41df77a7cc02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/5145", "content": "The Hacker News\nNorth Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware\n\nThe North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known as RokRAT.\nThe vulnerability in question is CVE-2024-38178 (CVSS score: 7.5), a memory corruption bug in the Scripting Engine that could result in remote code execution when using the Edge browser in Internet Explorer Mode.", "creation_timestamp": "2024-10-16T15:11:10.000000Z"}, {"uuid": "f75d9466-9853-45c2-8098-0e90ea6f516d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "seen", "source": "https://t.me/reverse_dungeon/3794", "content": "Security Analysis of WeChat\u2019s MMTLS Encryption Protocol\n\nCoverage-guided Fuzzing as Online Stochastic Control\n\nDiscover Microsoft Browser 0-DAY (CVE-2024-38178)\n\ncontrol over the Outlook desktop application and therefore to the emails configured in it (Github)\n\nLet\u2019s Clone a Cloner - Part 2: You Have No Power Here (hardware hacking)\n\npersistence techniques for macOS\n\nAttacking the Samsung Galaxy A* Boot Chain\n\nMake Binwalk Fast Again - Rust Rewrite of Binwalk is in Beta", "creation_timestamp": "2024-10-16T06:28:18.000000Z"}, {"uuid": "baa292b2-44c7-4827-8267-c3dd9a2c09bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "exploited", "source": "https://t.me/thehackernews/5740", "content": "\ud83d\udd25 One click, and chaos begins! \n \nNorth Korean APT group ScarCruft has been linked to the exploitation of a zero-day Windows flaw (CVE-2024-38178), targeting unpatched Internet Explorer Mode in Edge, infecting devices with RokRAT malware. \n \nRead: https://thehackernews.com/2024/10/north-korean-scarcruft-exploits-windows.html", "creation_timestamp": "2024-10-16T13:07:28.000000Z"}, {"uuid": "d626c234-a2ea-448f-b344-4bc0d5121d80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "seen", "source": "https://www.thezdi.com/blog/2024/8/13/the-august-2024-security-update-review", "content": "", "creation_timestamp": "2024-08-13T18:05:01.000000Z"}, {"uuid": "6b7436c9-fd85-46ad-a713-a6d1196446cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-38178", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-08-13T21:10:03.000000Z"}]}