CVE-2024-8381

Summary

CVE-2024-8381 is a critical vulnerability that affects versions of Firefox earlier than 130, Firefox ESR versions below 128.2 and 115.15, as well as Thunderbird versions prior to 128.2 and 115.15. The vulnerability stems from a type confusion issue that can be exploited when accessing property names on an object in the with environment, potentially allowing attackers to gain unauthorized access or cause significant disruptions. Organizations using the affected products should remediate this vulnerability by updating to the latest versions of Firefox and Thunderbird as specified by Mozilla's advisories. If left unaddressed, this vulnerability poses a high risk to confidentiality, integrity, and availability of systems due to its exploitability over network vectors without requiring user interaction. The overall CVSS score for this vulnerability is rated at 9.8, indicating its severe impact potential on affected systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.