New: 2026 Gartner® Market Guide for Adversarial Exposure Validation
Learn More
Cymulate named a Customers' Choice in 2025 Gartner® Peer Insights™
Learn More
New Research: The Security Tradeoffs Behind AI Tooling
Learn More
An Inside Look at the Technology Behind Cymulate
Learn More
Book a Demo
Book a Demo

APT37 Exploits Microsoft Internet Explorer Zero Day Vulnerability

December 11, 2022

The APT37 threat group was discovered exploiting a remote code execution vulnerability in Windows Scripting Languages (CVE-2022-41128). The initial infection vector consisted of malicious Microsoft Office documents along with a rich text file (RTF) remote template. Successful exploitation requires the victim to disable protected view before the remote RTF template is downloaded.

Featured Resources

View More Resources
image
blog

CVE-2026-7791: Privileged by Default 

Amazon WorkSpaces flaw CVE-2026-7791 lets low-privileged users gain SYSTEM access via Skylight service abuse.

Read More
image
blog

When a Web Search Becomes a Backdoor: Remote Code Execution in Codex CLI via Prompt Injection and Binary Hijacking on Windows

Cymulate Research Labs uncovered a Codex CLI flaw enabling silent host-level command execution outside the sandbox.

Read More
image
Data Sheet

Cymulate Vero AI

Cymulate Vero AI delivers secure, domain-specific cybersecurity AI with private infrastructure and zero customer data training.

Read More