CVE-2024-9680

Summary

CVE-2024-9680 is a critical vulnerability that affects multiple versions of Firefox and Thunderbird, including Firefox versions prior to 131.0.2 and Thunderbird versions prior to 131.0.1, among others. The vulnerability arises from a use-after-free flaw in Animation timelines, enabling attackers to execute arbitrary code within the content process. Reports indicate that this exploit has been actively utilized in the wild, posing a significant risk to affected organizations due to its high impact on confidentiality, integrity, and availability as denoted by a CVSS score of 9.8. To remediate this vulnerability, users are advised to upgrade their software to the latest stable versions available. Without timely updates, organizations remain vulnerable to potential attacks that can compromise sensitive data and system functionality.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.