Remote Code Execution Vulnerability in Microsoft Edge (Chromium-based)
CVE-2024-43579

7.6HIGH

Key Information:

Vendor: Microsoft
Status: Microsoft Edge (chromium-based)
Vendor: CVE Published:; 17 October 2024

Summary

A remote code execution vulnerability exists in Microsoft Edge (Chromium-based) that could allow an attacker to execute arbitrary code on a victim's machine. Successful exploitation of this vulnerability would enable an attacker to bypass the security features of the browser, potentially gaining unauthorized access to sensitive data or executing malicious code without the user's consent. Users are advised to keep their browser updated to ensure protection against this type of threat, as it can severely compromise the integrity and security of the affected systems.

Affected Version(s)

Microsoft Edge (Chromium-based) Unknown 1.0.0 < 130.0.2849.46

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

7.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 17, 2024
Vulnerability Reserved
Aug 14, 2024

Collectors

NVD DatabaseMitre DatabaseMicrosoft Feed