Vulnerabilities > CVE-2024-38112 - User Interface (UI) Misrepresentation of Critical Information vulnerability in Microsoft products
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Windows MSHTML Platform Spoofing Vulnerability
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Related news
- Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112) (source)
- Week in review: RADIUS protocol critical vuln, Microsoft 0-day exploited for a year, AT&T breach (source)
- ZDI shames Microsoft for – yet another – coordinated vulnerability disclosure snafu (source)
- Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida Stealer (source)
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks (source)