CVE-2024-43596

Access of Resource Using Incompatible Type ('Type Confusion') (CWE-843)

Published: Oct 17, 2024

CVSS 6.5 | EPSS 0.13% | Medium

Summary

A Remote Code Execution Vulnerability has been identified in Microsoft Edge (Chromium-based). This vulnerability is classified as a Type Confusion issue, which falls under the Common Weakness Enumeration (CWE) category CWE-843: Access of Resource Using Incompatible Type. The vulnerability affects Microsoft Edge (Chromium-based) versions prior to 130.0.2849.46.

Impact

This page records two CVSS v3.1 base scores for the vulnerability. NVD first assigned 6.5 (Medium) on October 17, 2024, which matches the vector shown below (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N), and a score of 8.8 (High) was recorded the following day, which corresponds to High impact on confidentiality, integrity and availability. Under either reading the attack vector is network-based, attack complexity is low, no privileges are required, and user interaction is required: the victim has to open attacker-controlled content, typically by clicking a malicious link. According to Microsoft's advisory, successful exploitation gives the attacker code execution in the renderer process. In Chromium-based browsers the renderer runs inside a sandbox, so a full system compromise would additionally require a separate sandbox-escape vulnerability; on its own, a renderer compromise still exposes whatever data that process handles, such as the content and credentials of the sites it renders.

Exploitation

No public proof-of-concept exploit had been located at the time of writing, and there is no evidence of exploitation in the wild. Two indicators on this page are worth noting, though: the temporal portion of the CVSS vector below (E:P) records exploit maturity as proof-of-concept, and the November 2024 Patch Tuesday roundup cited under News lists CVE-2024-43595 and CVE-2024-43596 as having a private PoC. Treat the bug as exploitable in principle even though no public exploit is known.

Patch

A patch is available for this vulnerability. Microsoft has released an update to address the issue in Microsoft Edge (Chromium-based). The patch was made available on October 17, 2024, and can be obtained through the Microsoft Update Guide.

Mitigation

Update Microsoft Edge (Chromium-based) to version 130.0.2849.46 or later. Edge normally updates itself, but managed fleets that pin versions, disable the Edge Update service, or deploy the browser from offline images can lag behind, so verify the installed build rather than assuming it: edge://version shows it interactively, and the product version of msedge.exe can be collected at scale from an inventory or endpoint-management tool. Nessus plugin 209257 and Qualys QID 380734 detect vulnerable versions. Because exploitation requires the victim to open attacker-controlled content, user awareness about untrusted links adds a layer of protection, but it is not a substitute for patching. Until the update is applied, watch for repeated msedge.exe renderer crashes and for unexpected non-browser child processes of msedge.exe (a shell, for example), which are the usual artifacts of failed or successful exploitation attempts against a browser engine.

CVSS v3.1 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
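The version check described under Mitigation is easy to get wrong: Chromium-style build numbers have four numeric components, and comparing them as strings puts 130.0.2849.5 above 130.0.2849.46. The script below is an added example, not code from the page or from Microsoft; it parses version strings of the form `msedge --version` prints ("Microsoft Edge 130.0.2849.46") or bare build numbers from an inventory export, compares them numerically against the fixed build from the advisory, and fails closed on anything it cannot parse. The inventory lines and host names are constructed for the example.

```python
"""Flag Microsoft Edge installs still below the build that fixes CVE-2024-43596."""
import re
from typing import NamedTuple

FIXED_VERSION = "130.0.2849.46"  # first fixed build per the Microsoft advisory

# Four dot-separated integers, as Chromium-based browsers report them.
_VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")


def parse_version(text: str) -> tuple[int, int, int, int]:
    """Extract a four-part build number from text such as
    'Microsoft Edge 130.0.2849.46' or a bare '130.0.2849.46'.
    Raises ValueError when no such version is present."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no four-part version in {text!r}")
    return int(m[1]), int(m[2]), int(m[3]), int(m[4])


def is_vulnerable(version_text: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed build is strictly older than the fixed build.
    Tuples compare component by component as integers, so
    130.0.2849.5 < 130.0.2849.46 even though '5' > '4' as characters."""
    return parse_version(version_text) < parse_version(fixed)


class Finding(NamedTuple):
    host: str
    version: str
    vulnerable: bool


def triage(inventory: list[str]) -> list[Finding]:
    """Inventory lines are 'host<TAB>version text'. A line whose version cannot
    be parsed is reported as vulnerable (fail closed) so someone looks at it."""
    findings = []
    for line in inventory:
        host, _, version = line.partition("\t")
        try:
            vulnerable = is_vulnerable(version)
        except ValueError:
            vulnerable = True
        findings.append(Finding(host.strip(), version.strip(), vulnerable))
    return findings


# Constructed sample inventory; hosts and the .5 build are hypothetical.
SAMPLE_INVENTORY = [
    "ws-001\tMicrosoft Edge 129.0.2792.89",
    "ws-002\tMicrosoft Edge 130.0.2849.46",
    "ws-003\tMicrosoft Edge 130.0.2849.52",
    "ws-004\tMicrosoft Edge 130.0.2849.5",   # string comparison would call this patched
    "ws-005\tEdge not installed",           # unparsable: reported for review
]

if __name__ == "__main__":
    for f in triage(SAMPLE_INVENTORY):
        print(f"{f.host:8} {f.version:32} {'VULNERABLE' if f.vulnerable else 'ok'}")
```

Feed it whatever your inventory tool exports for the Edge product version; the only requirement is that each line carries a host name, a tab, and text containing the four-part build number.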

Timeline

First Article

Feedly found the first article mentioning CVE-2024-43596.

Oct 17, 2024 at 10:21 PM / Microsoft Security Advisories - MSRC
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Oct 17, 2024 at 10:21 PM
CVE Assignment

NVD published the first details for CVE-2024-43596

Oct 17, 2024 at 11:15 PM
CVSS

A CVSS base score of 6.5 has been assigned.

Oct 17, 2024 at 11:20 PM / nvd
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Nessus (209257)

Oct 18, 2024 at 3:15 AM
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Qualys (380734)

Oct 18, 2024 at 7:15 AM
EPSS

EPSS Score was set to: 0.09% (Percentile: 37.9%)

Oct 18, 2024 at 10:19 AM
CVSS

A CVSS base score of 8.8 has been assigned.

Oct 18, 2024 at 5:00 PM / nvd
Threat Intelligence Report

CVE-2024-43596 is a critical type confusion vulnerability in Microsoft Edge (Chromium-based) that could enable remote code execution if a victim clicks a malicious link. The exploitation requires user interaction, specifically clicking the link, to allow the attacker to execute code on the renderer process. The provided information does not specify a CVSS score, details on exploitation in the wild, proof-of-concept exploits, mitigations, detections, patches, or downstream impacts on third-party vendors.

Oct 19, 2024 at 2:45 AM

Affected Systems

Microsoft / edge_chromium

Patches

Microsoft

References

Microsoft Fixes Several Important, Moderate and Low Severity Microsoft Edge Vulnerabilities
Classification: Important, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 7.6, CVEs: CVE-2024-49023, CVE-2024-43566, CVE-2024-43578, CVE-2024-43579, CVE-2024-43580, CVE-2024-43587, CVE-2024-43595, CVE-2024-43596, Summary: Microsoft has fixed several Microsoft Edge vulnerabilities that range from low severity to important. The more severe vulnerabilities allow for remote code execution in certain situations. However, the vulnerabilities require interaction from the user. This would mean an attacker needs to convince a user to take action by viewing attacker-controlled content.
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
According to the CVSS metric, the attack vector is network (AV:N) and user interaction is required (UI:R). Successful exploitation of this vulnerability requires the victim user to click a malicious link in order for the attacker to initiate remote code execution on the renderer process.
CVE-2024-43596 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Information published.

News

Patch Tuesday November 2024 - 3 Zero Days!
So, without further ado, here’s the chart of MS patches that affect Windows platforms in the past month. Of this months patches only 8 are critical and 88 important.
November Microsoft Patch Tuesday
November Microsoft Patch Tuesday. 125 CVEs, 35 of which were added since October MSPT. 2 vulnerabilities with signs of exploitation in the wild: Elevation of Privilege - Windows Task Scheduler (CVE-2024-49039) Disclosure/Spoofing - NTLM Hash (CVE-2024-43451) No signs of exploitation, but with a private PoC of the exploit: Remote Code Execution - Microsoft Edge (CVE-2024-43595, CVE-2024-43596) Authentication Bypass - Azure Functions (CVE-2024-38204) Authentication Bypass - Microsoft Dataverse (CVE-2024-38139) Spoofing - Microsoft Exchange (CVE-2024-49040) Among the rest can be highlighted: Remote Code Execution - Windows Kerberos (CVE-2024-43639) Elevation of Privilege - Windows Win32k (CVE-2024-43636) Elevation of Privilege - Windows DWM Core Library (CVE-2024-43629) Elevation of Privilege - Windows NT OS Kernel (CVE-2024-43623) Full Vulristics report (also available in Russian)
Third-Party Software Update Catalog Release History – October 2024
In October 2024, our third-party software update catalog for Microsoft SCCM contained 1457 bug, feature, and security-related updates: 512 security updates, 439 of which include CVE IDs, and 105 new products. The article goes on to list every new product and update added during the month (browsers, IDEs, drivers, and other third-party packages) with its version and installer type.
2024-41 - Mozilla, Canonical, Red Hat, Cisco, Atlassian, Microsoft, Google, GitHub, Spring 🗂️
Advisory Week Week 41, 2024 National Cyber Awareness System Oracle Releases Quarterly Critical Patch Update Advisory for October 2024 CISA Adds One Known Exploited Vulnerability to Catalog CISA Releases Seven Industrial Control Systems Advisories CISA, FBI, NSA, and International Partners Release Advisory on Iranian Cyber Actors Targeting Critical Infrastructure Organizations Using Brute Force CISA and FBI Release Joint Guidance on Product Security Bad Practices for Public Comment CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA Releases Two Industrial Control Systems Advisories Guidance: Framing Software Component Transparency: Establishing a Common Software Bill of Materials (SBOM) Mozilla Security Advisories Security Vulnerabilities fixed in Firefox for iOS 131.2 mfsa2024-54 Security Vulnerability fixed in Firefox 131.0.3 mfsa2024-53 Ubuntu Security Notices Linux kernel (Azure) vulnerabilities: USN-7069-2 / USN-7028-2 / USN-7076-1 / USN-7073-2 / USN-7074-1 OATH Toolkit vulnerability: USN-7059-2 Linux kernel vulnerabilities: USN-7073-1 / USN-7072-1 / USN-7069-1 Linux kernel vulnerability: USN-7071-1 Vim vulnerability: USN-7048-2 libarchive vulnerabilities: USN-7070-1 APR vulnerability: USN-7038-2 nano vulnerability:

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
