Potential cyberattacks facilitated by covertly installed browser extensions could have been deployed with the exploitation of an already addressed medium-severity privilege escalation vulnerability in Microsoft Edge, according to The Hacker News.
Threat actors could leverage the flaw, tracked as CVE-2024-21388, to target private APIs, install unwanted browser extensions without any user consent and interaction, and trigger a sandbox escape intrusion, a report from Guardio Labs showed. While there has been no evidence suggesting any active exploitation, such a security issue could be used to enable malicious JavaScript code injections on sites with API access, including bing[.]com, said the report.
"It's relatively easy for attackers to trick users into installing an extension that appears harmless, not realizing it serves as the initial step in a more complex attack. This vulnerability could be exploited to facilitate the installation of additional extensions, potentially for monetary gain," said Guardio Labs researcher Oleg Zaytsev.