CVE-2024-9401

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Oct 1, 2024
CWE ID 119

Summary

CVE-2024-9401 identifies memory safety vulnerabilities in Firefox versions 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2, which could potentially allow arbitrary code execution with sufficient effort due to evidence of memory corruption. Affected versions include Firefox < 131, Firefox ESR < 128.3, and Thunderbird < 128.3. The vulnerability has a critical severity rating with a CVSS score of 9.8, indicating high impacts on confidentiality, integrity, and availability without requiring user interaction or special privileges to exploit it. To remediate this issue, users are advised to update their software to the latest versions where these vulnerabilities have been addressed. If left unpatched, organizations face significant risks including unauthorized access to sensitive data and system compromise through network-based attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2024-9401 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
  • Gain complete coverage of your cyber, third party, and physical attack surface
  • Proactively mitigate threats before they turn into costly attacks
  • Make fast, effective, data-driven decisions