Summary: The Tor anonymity network has issued an emergency patch for a critical security flaw (CVE-2024-9680) that was actively being exploited against its users, allowing attackers to execute malicious code within the browser. Discovered by ESET, the vulnerability is a “use-after-free” flaw that poses significant risks but does not likely deanonymize users in Tails, a privacy-focused operating system.
Threat Actor: Unknown | unknown
Victim: Tor Browser Users | Tor Browser Users
Key Point :
- The CVE-2024-9680 vulnerability allows attackers to execute malicious code without user interaction.
- It has a CVSS score of 9.8, indicating a critical level of severity.
- Both Mozilla and Tor recommend users update their browsers to the latest versions to mitigate the risk.
- The flaw is a “use-after-free” bug, which is common in memory corruption attacks targeting browsers.
- The vulnerability does not likely compromise user anonymity when using Tails, a secure operating system.
The Tor anonymity network issued an emergency patch last week to address a recently-discovered security flaw that was being exploited against its users.
The bug, tracked as CVE-2024-9680, allows attackers to execute malicious code within the browser’s content process — the environment where web content is loaded and rendered.
The flaw was discovered by a researcher from the cybersecurity firm ESET and was first patched by the Mozilla Foundation in its Firefox web browser last week.
According to Tor’s statement, Mozilla is aware of the flaw being actively exploited in the wild against Tor Browser users.
“Using this vulnerability, an attacker could take control of Tor Browser, but probably not deanonymize you in Tails,” the statement reads.
Tails is a privacy-focused operating system that runs from a USB or DVD, leaving no trace on the host computer after shutdown. It routes all internet traffic through the Tor network to ensure anonymity and comes with built-in tools like encrypted email, secure messaging and disk encryption.
The CVE-2024-9680 vulnerability is described as a “use-after-free” flaw, which occurs when a program tries to access memory that has already been released or freed. Memory corruption bugs like this are often used to attack browsers, potentially giving attackers control over the service or further access to the system.
The exploit requires no user interaction and can be executed over the network with low complexity. It has been assigned a CVSS score of 9.8 out of 10, indicating a critical vulnerability.
To address the flaw, both Mozilla and Tor recommend that users update their browser installations to the most current versions available.
Recorded Future
Intelligence Cloud.
Source: https://therecord.media/recently-patched-firefox-bug-being-used-against-tor-browser-users