Security News > 2024 > August > APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262)

APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262)
2024-08-28 09:00

ESET researchers discovered a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262). APT-C-60, a South Korea-aligned cyberespionage group, was exploiting it to target East Asian countries. When examining the root cause, ESET discovered another way to exploit the faulty code (CVE-2924-7263). Overview of the exploit’s control flow (Source: ESET) Following a coordinated disclosure process, both vulnerabilities are now patched. The final payload in the APT-C-60 attack is a custom backdoor with cyberespionage capabilities … More → The post APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262) appeared first on Help Net Security.


News URL

https://www.helpnetsecurity.com/2024/08/28/cve-2024-7262-cve-2024-7263/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-08-15 CVE-2024-7262 Path Traversal vulnerability in Kingsoft WPS Office
Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.16412 (exclusive) on Windows allows an attacker to load an arbitrary Windows library. The vulnerability was found weaponized as a single-click exploit in the form of a deceptive spreadsheet document
local
low complexity
kingsoft CWE-22
7.8
7.8