ESET researchers discovered two code execution vulnerabilities in WPS Office for Windows. CVE-2024-7262 was exploited by APT-C-60, a South Korea-aligned cyberespionage group, to target East Asian countries. The vulnerability allowed arbitrary code execution via a malicious hyperlink in a spreadsheet document. CVE-2024-7263 was subsequently discovered during the analysis of the patch for the first vulnerability. Both flaws affected the plugin component promecefpluginhost.exe and could be triggered by a single click. The vulnerabilities impacted WPS Office versions from 12.2.0.13110 to 12.2.0.17119. Users are strongly advised to update to the latest version to mitigate these security risks. Author: AlienVault
Related Tags:
code execution
cve-2024-7262
spreadsheet
hyperlink
taskcontroler.dll
wps office
plugin
SpyGlace
T1608.001
Associated Indicators:
6174276F94219BC386BDC628CA18EAEC261998B7BD03077562FE93C268B42446
7509B4C506C01627C1A4C396161D07277F044AC6
08906644B0EF1EE6478C45A6E0DD28533A9EFC29
914CBE6372D5B7C93ADDC4FEB5E964CD
B14EF85A60AC71C669CC960BDF580144
9F88234068D7ABAD65979EB1DF63EFB5