CVE-2024-38193

Vulnerability updated 2 months ago (2024-08-13T20:15:16.864Z)

Download STIX

Preview STIX

Not enough context has been learned about CVE-2024-38193 for a description yet. However we're tracking it as a Vulnerability profile. Vulnerability: A flaw in software design or implementation

Description last updated:

What's your take? (Question 1 of 3)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Vulnerability

Windows

Microsoft

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

Alias Description	Association Type	Votes
The Fudmodule Malware is associated with CVE-2024-38193. FudModule is a sophisticated malware that has been associated with various North Korean hacking campaigns since October 2021. It uses direct kernel object manipulation (DKOM) techniques to bypass kernel security checks and has seen significant improvements since its initial discovery three years ago	Unspecified	2

Source Document References

Information about the CVE-2024-38193 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
CrowdStrike	a month ago	September 2024 Patch Tuesday: Updates and Analysis \| CrowdStrike
BankInfoSecurity	a month ago	North Korean Hackers Tied to Exploits of Chromium Zero-Day
Securityaffairs	2 months ago	North Korea-linked APT Citrine Sleet exploit Chrome zero-day to deliver FudModule rootkit - Security Affairs
Checkpoint	2 months ago	19th August – Threat Intelligence Report - Check Point Research
Securityaffairs	2 months ago	Microsoft Zero-Day CVE-2024-38193 was exploited by North Korea-linked Lazarus APT
CrowdStrike	2 months ago	August 2024 Patch Tuesday: Updates and Analysis \| CrowdStrike
Securityaffairs	2 months ago	Microsoft urges customers to fix Windows RCE in the TCP/IP stack
InfoSecurity-magazine	2 months ago	Microsoft Fixes Nine Zero-Days on Patch Tuesday
Securityaffairs	2 months ago	Microsoft Patch Tuesday security updates for August 2024 six actively exploited bugs
DARKReading	2 months ago	Microsoft Discloses 10 Zero-Day Bugs in Patch Tuesday Update
Canadian Centre for Cyber Security	2 months ago	Microsoft security advisory – August 2024 monthly rollup (AV24-458) - Canadian Centre for Cyber Security
Krebs on Security	2 months ago	Six 0-Days Lead Microsoft’s August 2024 Patch Push
SANS ISC	2 months ago	Microsoft August 2024 Patch Tuesday - SANS Internet Storm Center
CISA	2 months ago	CISA Adds Six Known Exploited Vulnerabilities to Catalog \| CISA