CVE-2024-21336

CVSS 3.1 Score 2.5 of 10 (low)

Details

Published Jan 26, 2024
Updated: Jun 11, 2024
CWE ID 357

Summary

CVE-2024-21336 is a newly disclosed spoofing vulnerability affecting Microsoft Edge, the chromium-based web browser. Attackers can exploit this issue to trick users into believing they are visiting a legitimate website, when in fact they are on a malicious one. The flaw lies in the browser's handling of certain web content, allowing the attacker to manipulate the address bar display and potentially steal sensitive information. Microsoft is working on a patch to address the vulnerability and users are advised to keep their browsers updated to protect against such threats.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Edge Chromium

Affected Vendors

  • Microsoft