CVE-2024-39379: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Overview

Severity

High (CVSS 7)

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Category

Edge - Chromium

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2024-Jul

Released

2024-07-25

EPSS Score

0.05% (percentile: 16.0%)

FAQ

Why is this Adobe CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Adobe Software which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser? In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window Click on Help and Feedback Click on About Microsoft Edge What is the version information for this release? Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable 127.0.2651.74 127.0.6533.73 7/11/2024

Affected Products (1)

Browser

• Microsoft Edge (Chromium-based)

Acknowledgments

0x140ce

Revision History

• 2024-07-25: Information published.