Mozilla warns of a Firefox zero-day vulnerability actively exploited in cyberattacks

Home/Exploitation, Internet Security, Security Advisory, Security Update, vulnerability/Mozilla warns of a Firefox zero-day vulnerability actively exploited in cyberattacks

Mozilla warns of a Firefox zero-day vulnerability actively exploited in cyberattacks

A critical use-after-free vulnerability in Firefox and Firefox Extended Support Release (ESR) is being actively exploited in cyberattacks.

Mozilla has issued a warning about a critical zero-day vulnerability in Firefox, CVE-2024-9680, which is being actively exploited in cyberattacks. The flaw has a CVSS score of 9.8 and was reported by Damien Schaeffer from ESET.

This vulnerability affects the Animation timeline component of Firefox and can be exploited through a use-after-free (UAF) flaw, where attackers can access released memory.

This can lead to system crashes, privilege escalation, or remote code execution. Mozilla confirmed that the vulnerability is being exploited in real-world attacks, increasing its severity.

This flaw allows attackers to execute arbitrary code, compromising system security and potentially leading to further unauthorized access and data theft. Details on its use in real-world attacks are still unknown.

Fixes Available:

  • Firefox 131.0.2
  • Firefox ESR 115.16.1
  • Firefox ESR 128.3.1

Users are strongly advised to apply these updates immediately due to the critical nature of the vulnerability and its active exploitation.

‍Follow Us on: Twitter, InstagramFacebook to get the latest security news!

Post Views: 173
By | 2024-10-14T04:21:58+05:30 October 10th, 2024|Exploitation, Internet Security, Security Advisory, Security Update, vulnerability|

About the Author:

FirstHackersNews- Identifies Security

Related Posts

Leave A Comment

Subscribe to our newsletter to receive security tips everday!