Описание
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
FAQ
What is the version information for this release?
| Microsoft Edge Version | Date Released | Based on Chromium Version |
|---|---|---|
| 130.0.2849.46 | 10/17/2024 | 130.0.6723.59 |
According to the CVSS metric, the attack vector is network (AV:N) and user interaction is required (UI:R). What is the target context of the remote code execution?
Successful exploitation of this vulnerability requires the victim user to click a malicious link so that the attacker can initiate remote code execution on the renderer process.
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
The user would have to click on a specially crafted URL to be compromised by the attacker.
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
EPSS
7.5 High
CVSS3
Связанные уязвимости
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Уязвимость браузера Microsoft Edge, связанная с переполнением буфера в динамической памяти, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
EPSS
7.5 High
CVSS3