The backdoor can execute commands and lets attackers download additional modules onto the victim's machine, ESET research finds
26 Nov 2024
ESET researchers have uncovered two previously unknown vulnerabilities in a number of Mozilla products and in Windows, with both flaws under active exploitation by RomCom, a Russia-aligned group known for opportunistic campaigns against selected business verticals and targeted espionage operations alike.
- CVE-2024-9680 is a use-after-free bug that allows vulnerable versions of Firefox, Thunderbird, and the Tor Browser to execute code in the restricted context of the browser. Mozilla patched the vulnerability on October 9th, 2024.
- CVE-2024-49039 is a privilege escalation bug in Windows that allows code to run outside of Firefox's sandbox. Microsoft released a patch for this second vulnerability on November 12th, 2024.
Chaining the two flaws allows bad actors to run arbitrary code in the context of the logged-in user, and without any user interaction, in a so-called zero-click exploit. In campaigns observed by ESET, this led to the installation of RomCom's eponymous backdoor on the victim's computer. The backdoor can execute commands and download additional modules to the victim's machine.
What exactly does the compromise chain involve and what else is there to know about the vulnerabilities and the exploits abusing them? Find out in the video by ESET Chief Security Evangelist Tony Anscombe and be sure to also read the full blogpost.