CVE-2024-21337

CVSS 3.1 Score 5.2 of 10 (medium)

Details

Published Jan 11, 2024
Updated: May 29, 2024
CWE ID 122

Summary

CVE-2024-21337 is an elevation of privilege vulnerability affecting Microsoft Edge, the Chromium-based web browser. Malicious actors can exploit this flaw to gain higher access privileges within the browser, potentially allowing them to install unauthorized extensions or access sensitive user data. The precise cause of the vulnerability remains undisclosed at this time. Users are encouraged to install the latest security updates to protect against potential exploitation. Microsoft Edge's Chromium-based architecture has exposed an elevation of privilege vulnerability, identified as CVE-2024-21337. By successfully exploiting this issue, attackers can hijack the browser's access privileges, potentially granting them the ability to install unwanted extensions and gain access to confidential user information. Though the underlying mechanism of the vulnerability remains undefined, users are advised to apply the latest patches to safeguard their browsing experience.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Edge Chromium

Affected Vendors

  • Microsoft