Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Critical Zero-Day Vulnerability in Mozilla Firefox
Alerts

Critical Zero-Day Vulnerability in Mozilla Firefox

10 October 2024

Mozilla has released security updates addressing a critical zero-day vulnerability (CVE-2024-9680) in Firefox. The vulnerability has a CVSSv3 score of 9.8, and there are reports of it being exploited in the wild. 

Successful exploitation of the use-after-free vulnerability could allow a remote attacker to execute arbitrary code.

The vulnerability affects the following products:

  • Firefox before 131.0.2

  • Firefox Extended Support Release (ESR) before 128.3.1, and Firefox ESR before 115.16.1

Users and administrators of affected product versions are advised to update to the latest version immediately.

More information is available here:

https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/

https://nvd.nist.gov/vuln/detail/CVE-2024-9680


Back to top