Severity
Medium
Analysis Summary
CVE-2024-49041 CVSS:4.3
Microsoft Edge (Chromium-based) could allow a remote attacker to conduct spoofing attacks. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to modify the content of the vulnerable link to redirect the victim to a malicious site.
CVE-2024-49054 CVSS:4.3
Microsoft Edge (Chromium-based) could allow a remote attacker to conduct spoofing attacks. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to perform an attack.
CVE-2024-49025 CVSS:5.4
Microsoft Edge (Chromium-based) could allow a remote attacker to obtain sensitive information. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to obtain sensitive information.
CVE-2024-43577 CVSS:4.3
Microsoft Edge (Chromium-based) could allow a remote attacker to conduct spoofing attacks.
Impact
- Information Disclosure
- Gain Access
Indicators of Compromise
CVE
- CVE-2024-49041
- CVE-2024-49054
- CVE-2024-49025
- CVE-2024-43577
Affected Vendors
Affected Products
- Microsoft Edge (Chromium-based) - 1.0.0
- Microsoft Edge (Chromium-based) 131.0
- Microsoft Edge (Chromium-based) - 130.0.2849.46
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.