CVE-2024-9680 - Mozilla Firefox Use-After-Free Vulnerability

Vulnerability Name

Mozilla Firefox Use-After-Free Vulnerability

Description

Mozilla Firefox and Firefox ESR contain a use-after-free vulnerability in Animation timelines that allows for code execution in the content process.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/

https://nvd.nist.gov/vuln/detail/CVE-2024-9680

Related News Articles

Mozilla warns Windows users of critical Firefox sandbox escape flawMarch 27, 2025

Firefox and Windows zero-days exploited by Russian RomCom hackersNovember 26, 2024

RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated CyberattacksNovember 26, 2024

SolarWinds Web Help Desk flaw is now exploited in attacksOctober 17, 2024