CVE-2024-38112.md
1 #### 20-09-2024 2 3 **1. Description:** 4 5 - **Brief Summary:** Windows MSHTML Platform Spoofing Vulnerability 6 - **Technical Details:** These samples could run and execute files and websites through the disabled IE process by exploiting CVE-2024-38112 through MSHTML. By using specially crafted.URL files that contained the MHTML protocol handler and the x-usc! directive. Able to access and run HTML Application (HTA) files directly through the disabled IE process 7 - **Severity Score:** 8 - **CVSS v3.1 Base Score:** 7.5 9 - **CVSS v3.1 Vector:** CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 10 - **Affected Software/Versions:** 11 - Microsoft Windows 12 - Microsoft Hyper-V 13 - Microsoft Office 14 - Microsoft Server 15 16 **2. Related Information:** 17 18 - **CWE:** [CWE-451](https://cwe.mitre.org/data/definitions/451.html) 19 20 **3. Vulnerability Analysis:** 21 22 - **Impact:** 23 - Data Leak 24 - Information Disclosure 25 - Sensitive Information Exposure 26 - Arbitrary Code Execution (ACE) 27 - **Remediation:** Update Windows 28 29 **4. References:** 30 31 - **Official CVE Entry:** [Yes](https://nvd.nist.gov/vuln/detail/CVE-2024-38112) 32 - **Vendor Advisory:** 33 - [Trend Micro](https://www.trendmicro.com/en_us/research/24/g/CVE-2024-38112-void-banshee.html) 34 - **Other Relevant Resources:** 35 - **POC**: [Yes](https://www.trendmicro.com/en_us/research/24/g/CVE-2024-38112-void-banshee.html) 36 37 **5. Notes (Optional):** 38 39 - **Additional Information:** 40 - **Timeline:**