CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Jul 30, 2024

CVE-2024-38112

High

EPSS 92.6%CISA KEV

Description

Microsoft Windows MSHTML Platform contains a spoofing vulnerability that has a high impact to confidentiality, integrity, and availability.

92.6%

Higher than 99.7% of all CVEs

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38112; https://nvd.nist.gov/vuln/detail/CVE-2024-38112

HIGH

In CISA KEV

High EPSS

Published

Jul 9, 2024

Added to KEV

Jul 9, 2024

Remediation Due

Jul 30, 2024

Microsoft

Windows