CVE-2024-9401
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-9401 identifies memory safety vulnerabilities in Firefox versions 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2, which could potentially allow arbitrary code execution with sufficient effort due to evidence of memory corruption. Affected versions include Firefox < 131, Firefox ESR < 128.3, and Thunderbird < 128.3. The vulnerability has a critical severity rating with a CVSS score of 9.8, indicating high impacts on confidentiality, integrity, and availability without requiring user interaction or special privileges to exploit it. To remediate this issue, users are advised to update their software to the latest versions where these vulnerabilities have been addressed. If left unpatched, organizations face significant risks including unauthorized access to sensitive data and system compromise through network-based attacks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions