CVE-2024-49039

Vulnerability updated a year ago (2024-11-15T15:53:55.385Z)

Download STIX

Preview STIX

Not enough context has been learned about CVE-2024-49039 for a description yet. However we're tracking it as a Vulnerability profile. Vulnerability: A flaw in software design or implementation

Description last updated:

What's your take? (Question 1 of 4)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Vulnerability

Microsoft

Windows

Firefox

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

Alias Description	Association Type	Votes
The RomCom Malware is associated with CVE-2024-49039. RomCom, a malicious software, has been identified as a significant cyber threat. Reports from third-party and open-source intelligence since spring 2022 have indicated a connection between RomCom Remote Access Trojan (RAT) actors, Cuba ransomware actors, and Industrial Spy ransomware actors. The mal	Unspecified	2

Source Document References

Information about the CVE-2024-49039 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
ESET	3 months ago	Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability
InfoSecurity-magazine	5 months ago	Russian APT Groups Intensify Attacks in Europe with Zero-Day Exploits
Securelist	8 months ago	Vulnerability landscape analysis for Q4 2024
ESET	8 months ago	RomCom exploits Firefox and Windows zero days in the wild
ESET	8 months ago	Zero-click exploit abusing Firefox and Windows zero days
Checkpoint	a year ago	2nd December – Threat Intelligence Report - Check Point Research
Securityaffairs	a year ago	Russian group RomCom exploited Firefox and Tor Browser zero-days to target attacks Europe and North America
InfoSecurity-magazine	a year ago	Russian RomCom APT Group Leverages Zero-Day Flaws in Firefox, Windows
DARKReading	a year ago	'RomCom' APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor
Checkpoint	a year ago	18th November – Threat Intelligence Report
Canadian Centre for Cyber Security	a year ago	Microsoft security advisory – November 2024 monthly rollup (AV24–649) - Canadian Centre for Cyber Security
SANS ISC	a year ago	Microsoft November 2024 Patch Tuesday - SANS Internet Storm Center
DARKReading	a year ago	2 Zero-Day Bugs in Microsoft's Nov. Update Under Exploit
CISA	a year ago	CISA Adds Five Known Exploited Vulnerabilities to Catalog \| CISA
Securityaffairs	a year ago	Microsoft Patch Tuesday security updates for November 2024 fix two actively exploited zero-days
CrowdStrike	a year ago	November 2024 Patch Tuesday: Updates and Analysis \| CrowdStrike
Krebs on Security	a year ago	Microsoft Patch Tuesday, November 2024 Edition