CVE-2024-38178

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 13, 2024
Updated: Aug 14, 2024
CWE ID 843

Summary

CVE-2024-38178 is a newly identified memory corruption vulnerability affecting scripting engines. Attackers can exploit this issue by deceiving victims into opening a specially crafted file or website, leading to arbitrary code execution and potential data theft or system takeover. The memory corruption occurs due to improper handling of maliciously crafted input data, making it a significant security risk for users and organizations that rely on impacted scripting engines. It is crucial to apply patches or workarounds as soon as they become available to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Windows 10
  • Microsoft Windows 11

Affected Vendors

  • Microsoft