CVE-2024-0741

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Jan 23, 2024
Updated: Feb 2, 2024
CWE ID 787

Summary

CVE-2024-0741 is a vulnerability in ANGLE that could allow an attacker to corrupt memory, potentially leading to a crash. This vulnerability affects Firefox versions prior to 122, Firefox ESR versions prior to 115.7, and Thunderbird versions prior to 115.7. The vulnerability has a base severity rating of MEDIUM and a base score of 6.5 according to NIST. Exploiting the vulnerability requires user interaction and the attack vector is through the network. The impact of the vulnerability does not affect confidentiality or integrity, but it can have a high availability impact on affected systems. The vulnerability has an exploitability score of 2.8 and an impact score of 3.6 according to CVSS version 3.1.

Remediation steps for this vulnerability would involve updating the affected software products - Firefox, Firefox ESR, and Thunderbird - to versions 122, 115.7, or newer respectively.

The specific danger posed by this vulnerability is not explicitly mentioned in the provided information, but potential risks could include unauthorized access or manipulation of sensitive data, disruption of system availability or stability, and possible exploitation for further attacks on an organization's network.

Please note that this summary is based solely on the information provided and may not cover all aspects or details related to the vulnerability.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-0741 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options