Описание
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
FAQ
What is the version information for this release?
| Microsoft Edge Channel | Microsoft Edge Version | Based on Chromium Version | Date Released |
|---|---|---|---|
| Stable | 129.0.2792.52 | 129.0.6668.58/.59 | 9/19/2024 |
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
The user would have to click on a specially crafted URL to be compromised by the attacker.
According to the CVSS metric, the attack vector is network (AV:N) and user interaction is required (UI:R). What is the target context of the remote code execution?
Successful exploitation of this vulnerability requires the victim user to click a malicious link so that the attacker can initiate remote code execution on the renderer process.
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
Уязвимость браузера Microsoft Edge, связанная с неверным управлением генерацией кода, позволяющая нарушителю выполнить произвольный код
EPSS
6.5 Medium
CVSS3