PT-2024-5977 · Microsoft · Edge

Eternalsakura13

Published

2024-08-22

Updated

2024-09-19

CVE-2024-38209

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Microsoft Edge (Chromium-based) versions up to 128.0.2739.41

Description The vulnerability in Microsoft Edge (Chromium-based) is related to insufficient input validation. Exploitation of this issue may allow an attacker to execute arbitrary code.

Recommendations For versions up to 128.0.2739.41, upgrade to the latest version immediately to protect against potential remote attacks. At the moment, there is no information about additional mitigation measures for this vulnerability.

Fix

RCE

Type Confusion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-843CWE-20

Related Identifiers

BDU:2024-06785

CVE-2024-38209

Affected Products

Edge

PT-2024-5977 · Microsoft · Edge

CVE-2024-38209

Weakness Enumeration

Related Identifiers

Affected Products

References · 16