Skip to main content

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Critical Zero-Day Vulnerability in Mozilla Firefox
Alerts

Critical Zero-Day Vulnerability in Mozilla Firefox

10 October 2024

Mozilla has released security updates addressing a critical zero-day vulnerability (CVE-2024-9680) in Firefox. The vulnerability has a CVSSv3 score of 9.8, and there are reports of it being exploited in the wild. 

Successful exploitation of the use-after-free vulnerability could allow a remote attacker to execute arbitrary code.

The vulnerability affects the following products:

  • Firefox before 131.0.2

  • Firefox Extended Support Release (ESR) before 128.3.1, and Firefox ESR before 115.16.1

Users and administrators of affected product versions are advised to update to the latest version immediately.

More information is available here:

https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/

https://nvd.nist.gov/vuln/detail/CVE-2024-9680


Back to top