CVE-2024-49039

Vulnerability updated 8 months ago (2024-11-15T15:53:55.385Z)

Download STIX

Preview STIX

Not enough context has been learned about CVE-2024-49039 for a description yet. However we're tracking it as a Vulnerability profile. Vulnerability: A flaw in software design or implementation

Description last updated:

What's your take? (Question 1 of 4)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Vulnerability

Microsoft

Windows

Firefox

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

Alias Description	Association Type	Votes
The RomCom Malware is associated with CVE-2024-49039. RomCom, a malicious software, has been identified as a significant cyber threat. Reports from third-party and open-source intelligence since spring 2022 have indicated a connection between RomCom Remote Access Trojan (RAT) actors, Cuba ransomware actors, and Industrial Spy ransomware actors. The mal	Unspecified	2

Source Document References

Information about the CVE-2024-49039 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
InfoSecurity-magazine	2 months ago	Russian APT Groups Intensify Attacks in Europe with Zero-Day Exploits
Securelist	5 months ago	Vulnerability landscape analysis for Q4 2024
ESET	5 months ago	RomCom exploits Firefox and Windows zero days in the wild
ESET	5 months ago	Zero-click exploit abusing Firefox and Windows zero days
Checkpoint	8 months ago	2nd December – Threat Intelligence Report - Check Point Research
Securityaffairs	8 months ago	Russian group RomCom exploited Firefox and Tor Browser zero-days to target attacks Europe and North America
InfoSecurity-magazine	8 months ago	Russian RomCom APT Group Leverages Zero-Day Flaws in Firefox, Windows
DARKReading	8 months ago	'RomCom' APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor
Checkpoint	8 months ago	18th November – Threat Intelligence Report
Canadian Centre for Cyber Security	8 months ago	Microsoft security advisory – November 2024 monthly rollup (AV24–649) - Canadian Centre for Cyber Security
SANS ISC	8 months ago	Microsoft November 2024 Patch Tuesday - SANS Internet Storm Center
DARKReading	8 months ago	2 Zero-Day Bugs in Microsoft's Nov. Update Under Exploit
CISA	8 months ago	CISA Adds Five Known Exploited Vulnerabilities to Catalog \| CISA
Securityaffairs	8 months ago	Microsoft Patch Tuesday security updates for November 2024 fix two actively exploited zero-days
CrowdStrike	8 months ago	November 2024 Patch Tuesday: Updates and Analysis \| CrowdStrike
Krebs on Security	8 months ago	Microsoft Patch Tuesday, November 2024 Edition