CVE-2024-6602

9.8 CRITICAL

📋 TL;DR

CVE-2024-6602 is a critical memory corruption vulnerability in Mozilla products caused by mismatched memory allocation and deallocation functions. This could allow attackers to execute arbitrary code or cause application crashes. Affected users include anyone running vulnerable versions of Firefox, Firefox ESR, or Thunderbird.

💻 Affected Systems

Products:
  • Firefox
  • Firefox ESR
  • Thunderbird
Versions: Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, Thunderbird < 128
Operating Systems: Windows, Linux, macOS, All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations are vulnerable. No special configuration required for exploitation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution leading to complete system compromise, data theft, or ransomware deployment.

🟠 Likely Case: Application crash (denial of service) or limited memory corruption leading to information disclosure.

🟢 If Mitigated: Minimal impact if systems are patched or isolated from untrusted content.

🌐 Internet-Facing: HIGH - Web browsers process untrusted content from the internet by design.
🏢 Internal Only: MEDIUM - Risk exists but attack surface is reduced compared to internet-facing systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Memory corruption vulnerabilities typically require some exploit development, but a CVSS score of 9.8 suggests that reliable exploitation is feasible.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firefox 128, Firefox ESR 115.13, Thunderbird 115.13, Thunderbird 128

Vendor Advisory: https://www.mozilla.org/security/advisories/

Restart Required: Yes

Instructions:

1. Open Firefox/Thunderbird.
2. Click menu → Help → About Firefox/Thunderbird.
3. Allow the automatic update to complete.
4. Restart the application when prompted.

🔧 Temporary Workarounds

Disable JavaScript (applies to: all)
  Reduces attack surface by disabling JavaScript execution.
  Setting: about:config → javascript.enabled = false

Use Content Security Policy (applies to: all)
  Restrict content sources to trusted domains only.

🧯 If You Can't Patch

  • Isolate vulnerable systems from internet access
  • Implement application whitelisting to prevent unauthorized code execution

🔍 How to Verify

Check if Vulnerable:

Check application version in Help → About Firefox/Thunderbird

Check Version:

firefox --version or thunderbird --version

Verify Fix Applied:

Confirm version is Firefox ≥128, Firefox ESR ≥115.13, or Thunderbird ≥115.13/128
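As an added example (not part of the advisory), a small Python checker that parses the output of `firefox --version` / `thunderbird --version` and compares it against the fixed versions listed above. The sample version strings are constructed, and the "esr" suffix handling assumes Mozilla's usual "Mozilla Firefox 115.12.0esr" output format.

```python
import re
from typing import NamedTuple

# Fixed versions listed in the advisory for CVE-2024-6602.
FIXED_MAIN = (128, 0)         # Firefox release channel, Thunderbird 128
FIXED_115_BRANCH = (115, 13)  # Firefox ESR 115.13, Thunderbird 115.13

# Matches e.g. "Mozilla Firefox 127.0.2", "Mozilla Firefox 115.12.0esr",
# "Mozilla Thunderbird 115.12.1" (format assumed from Mozilla's CLI output).
VERSION_RE = re.compile(
    r"^Mozilla (Firefox|Thunderbird)\s+(\d+)(?:\.(\d+))?(?:\.(\d+))?(esr)?\s*$"
)


class Build(NamedTuple):
    product: str    # "Firefox" or "Thunderbird"
    version: tuple  # (major, minor, patch)
    esr: bool       # True when the version string carries the "esr" suffix


def parse_version_output(line: str) -> Build:
    """Parse one line of `firefox --version` / `thunderbird --version` output."""
    m = VERSION_RE.match(line.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {line!r}")
    product, major, minor, patch, esr = m.groups()
    return Build(product, (int(major), int(minor or 0), int(patch or 0)), esr is not None)


def is_vulnerable(build: Build) -> bool:
    """True if the build predates the fix for CVE-2024-6602.

    Firefox release channel: fixed from 128.
    Firefox ESR and Thunderbird: the 115 branch is fixed from 115.13,
    every other branch from 128 (e.g. Thunderbird 128).
    """
    major, minor, _ = build.version
    if build.product == "Firefox" and not build.esr:
        return (major, minor) < FIXED_MAIN
    if major == 115:
        return (major, minor) < FIXED_115_BRANCH
    return (major, minor) < FIXED_MAIN


def check(line: str) -> str:
    """Human-readable verdict for one version string."""
    b = parse_version_output(line)
    state = "VULNERABLE" if is_vulnerable(b) else "patched"
    channel = "ESR" if b.esr else "release"
    return f"{b.product} {'.'.join(map(str, b.version))} ({channel}): {state}"


if __name__ == "__main__":
    # Constructed sample outputs, not captured from real systems.
    for sample in ("Mozilla Firefox 127.0.2", "Mozilla Firefox 128.0",
                   "Mozilla Firefox 115.12.0esr", "Mozilla Firefox 115.13.0esr",
                   "Mozilla Thunderbird 115.12.1", "Mozilla Thunderbird 128.0"):
        print(check(sample))
```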

📡 Detection & Monitoring

Log Indicators:

  • Application crashes with memory access violations
  • Unexpected process termination

Network Indicators:

  • Unusual outbound connections from browser processes
  • Suspicious JavaScript payloads

SIEM Query:

(source="firefox.log" OR source="thunderbird.log") AND ("crash" OR "segmentation fault" OR "access violation")

🔗 References