CVE-2024-9401

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Oct 1, 2024
Updated: Oct 4, 2024
CWE ID 119

Summary

CVE-2024-9401 describes a critical memory safety vulnerability affecting Firefox versions prior to 131, Firefox ESR versions below 128.3 and 115.16, and Thunderbird versions prior to 128.3. This flaw exhibits evidence of memory corruption that could potentially allow an attacker to execute arbitrary code with minimal effort, posing a significant risk to the confidentiality, integrity, and availability of affected systems. The vulnerability has an exploitability score of 3.9 and a CVSS base score of 9.8, indicating high severity and low complexity for exploitation via network attacks without requiring user interaction or special privileges. To mitigate this risk, users are advised to update their software to the latest versions as soon as possible. Organizations should prioritize applying these updates to protect against potential breaches stemming from this vulnerability.
