CVE-2018-8174
Windows VBScript engine Use-After-Free vulnerability. It was exploited in Internet Explorer and Office documents and used to download malware such as AZORult and GandCrab. It is called Double Kill.
Vulnerability Profile
CVSS Score
8.8 / 10.0
Severity
High
Exploitation Status
⚠ Active Exploitation
Patch Status
✓ Patch Available
Affected Software
IE 9-11, Windows 7/8.1/10/Server 2008-2016
Exploitation Method
Use-After-Free RCE
MITRE ATT&CK
T1203 - Exploitation for Client Execution
CVE-2018-8174 Windows VBScript Engine UAF (Double Kill). APT37 ve yeraltı marketi aktorleri tarafindan kullanilmistir. AZORult ilk yuk olarak teslim edildi. Exploit kiti (EK) operatorlerinin favorisiydi.