CVE Radar

CVE Radar Logo
CVERadar

Edition used by more than 30,000 companies in more than 150 countries.
Sign Up For Free

CVE-2024-29057

High Severity|Microsoft
45
SVRS
4.3
CVSSv3
0.01002
EPSS
TAGS
In The Wild
VECTOR STRING
CVSS:3.1AV:NAC:LPR:NUI:RS:UC:NI:LA:N
PUBLICATION DATE2024-03-22
LAST MODIFIED2025-05-03

Security Intelligence Brief

What is this vulnerability and why does it matter?
This is a Microsoft Edge (Chromium-based) Spoofing Vulnerability, identified as CVE-2024-29057. This vulnerability allows an attacker to disguise malicious content or websites as legitimate ones, deceiving users into believing they are interacting with a trusted source. It matters significantly because successful exploitation can lead to effective phishing attacks, credential theft, social engineering, and the potential compromise of sensitive user information or system integrity. It undermines user trust in the browser's security indicators.
What are the CVSS score, severity level, and disclosure details?
The CVSS score for CVE-2024-29057 is 4.3, which corresponds to a Medium severity level. The vulnerability was publicly disclosed and published on March 22, 2024. The last modification to the vulnerability details was on May 3, 2025.
Which products, vendors, systems, and versions are affected?
The affected product is Microsoft Edge, specifically its Chromium-based versions. The vendor responsible for the product is Microsoft. While specific version ranges are not detailed in the provided CVE data, it is understood that certain releases of Microsoft Edge were impacted by this spoofing vulnerability. Users of Microsoft Edge browsers should refer to official advisories for precise affected versions.
What is the technical root cause and attack vector?
The technical root cause of this vulnerability is identified as a spoofing flaw, categorized under CWE-357 (Improper Handling of Case Sensitivity). This indicates that the browser may incorrectly process or display certain characters, URLs, or security indicators, allowing an attacker to present a deceptive interface. The primary attack vector involves social engineering, where an attacker crafts a malicious link or webpage designed to exploit this spoofing mechanism. The user is then tricked into interacting with what appears to be a legitimate source.
How can this vulnerability be exploited?
This vulnerability can be exploited by an attacker crafting a specially designed web page or URL that leverages the spoofing flaw within Microsoft Edge. By manipulating how the browser displays certain elements or URL information, the attacker can make a malicious site appear as a legitimate and trusted domain. When a user visits this crafted site, they are deceived into believing they are on a safe platform, making them susceptible to phishing, disclosing sensitive information, downloading malware, or performing other actions that compromise their security.
What mitigation steps and patches are available?
The primary mitigation step for this vulnerability is to apply the security updates released by Microsoft. Users and administrators should ensure that Microsoft Edge browsers are updated to the latest available version, which will include patches addressing CVE-2024-29057. Regularly checking for and installing browser updates is crucial for maintaining security against such flaws.
How can vulnerable systems be detected?
Vulnerable systems can be detected by checking the version number of the Microsoft Edge browser installed on endpoints. Systems running versions of Microsoft Edge that precede the patch release for CVE-2024-29057 are considered vulnerable. Organizations should implement asset management and patch management tools to identify and track browser versions across their environment. Official Microsoft advisories would provide specific version ranges impacted.
What are the indicators of compromise (IOCs)?
Indicators of Compromise (IOCs) for this spoofing vulnerability might include:
  • Reports from users of unusual website appearances, unexpected redirects, or visual inconsistencies on typically trusted websites.
  • Suspicious URLs that, upon closer inspection, contain subtle differences or homoglyphs attempting to mimic legitimate domains, which the browser might have failed to flag due to the spoofing flaw.
  • Successful phishing attempts despite users attempting to verify site legitimacy via browser cues.
  • Network traffic to unusual or previously unknown domains that visually appear to be trusted sites to the end-user.
Which threat actors are known to exploit this vulnerability?
Based on the provided CVE data, there is no information available indicating specific threat actors currently known to be actively exploiting CVE-2024-29057.
What public intelligence references and advisories exist?
The primary public intelligence reference for this vulnerability is its Common Vulnerabilities and Exposures (CVE) identifier: CVE-2024-29057. Further detailed advisories and technical information are typically released by Microsoft through their official Security Update Guide and MSRC (Microsoft Security Response Center) channels. These resources would provide comprehensive details, including affected versions and mitigation strategies.
What is the risk assessment and urgency level?
With a CVSS score of 4.3, the risk assessment for CVE-2024-29057 is considered Medium. The urgency level for addressing this vulnerability is moderate to high. While not critical, spoofing vulnerabilities can be highly effective in enabling social engineering attacks, leading to significant consequences such as data breaches or malware infections if successfully exploited. Prompt application of patches is strongly advised to prevent users from falling victim to deceptive schemes.

No IOCs found for this CVE

No exploits found for this CVE

SOCRadar Logo

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence

Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.

CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs
Microsoft April 2026 Patch Tuesday Fixes 168 Flaws, Includes Actively Exploited Zero-Day - cyberpress.org
2026-04-15
Microsoft April 2026 Patch Tuesday Fixes 168 Flaws, Includes Actively Exploited Zero-Day - cyberpress.org | News Content: Microsoft has released its April 2026 Patch Tuesday updates, fixing 168 vulnerabilities across Windows, cloud, and application products, including one actively exploited zero-day in Microsoft SharePoint Server. Organizations are strongly advised to prioritize this update to reduce exposure to ongoing exploitation and widespread elevation of privilege risks. Actively Exploited SharePoint Zero‑day The headline flaw this month is CVE-2026-32201, a spoofing vulnerability in Microsoft SharePoint Server that attackers are already exploiting in the wild. The bug stems from improper input validation and
cve-2024-26583cve-2024-26585cve-2024-26588cve-2024-29057
Show All News

No tweets found for this CVE

Configuration 1
TypeVendorProduct
AppMicrosoftedge
ReferenceLink
[email protected]https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29057
MICROSOFT EDGE (CHROMIUM-BASED) SPOOFING VULNERABILITYhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29057
CWE IDCWE NameDescription
CWE-357Insufficient UI Warning of Dangerous OperationsThe user interface provides a warning to a user regarding dangerous or sensitive operations, but the warning is not noticeable enough to warrant attention.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence Access