Photo: webforpc.com
Kanfanin Mozilla wato masu browser din firefox sun bayyanar da wata sanarwa akan wani nakasu (wani kafa mara tsaro) a cikin browser din su ta fierfox da kuma Firefox Extended Support Release (ESR) wanda thread actors ke amfani da damar wannan vulnerability wajan cutar da mutane.
Wannan kafa mai rauni wadda akai ma lakabi da CVE-20224-9680 tare da impact da CVSS score 9.8 wanda hakan ke nuna cewa wannan vulnerability din nada hadari. "Mai kutse ba bisa ka'ida ba zai iya amfani da wannan damar ta hanyar samar da RCE akan browser din da yakai ma hari (ma'ana RCE na nufin Remoter Code Execution, samun damar yin hakan shine kamar kayi amfani da computer dinka a gida ka iya controlling wata computer dake wata uwa duniya ta hanyar bata umarni" kamar yadda mozilla suka fadi ran laraba wadda suke kawo shawarwari naci gaban browser din ta firefox.
"Munji cewa rahotanni da yawa sun bayyana wannan vulnerability din "
Mai bincike game da harkar tsaron na internet wato Damien Schaeffer daga kamfanin Slovakia ESET ya samu lambar yabo bayan ya binciko wannan vulnerability din da kuma bayyanar dashi cikin gaggawa. Sannan kuma wannnan kafa mai rauni din ta shafi firefox wanda suke da versions kamar haka:
- Firefox 131.0.2
- Firefox ESR 128.3.1, and
- Firefox ESR 115.16.1.