March 10, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – BluStealer Infostealer aka a310logger – Active IOCs
May 10, 2023Rewterz Threat Advisory – CVE-2023-29336 – Microsoft Windows Win32k Vulnerability Exploited in the Wild
May 10, 2023Rewterz Threat Alert – BluStealer Infostealer aka a310logger – Active IOCs
May 10, 2023Rewterz Threat Advisory – CVE-2023-29336 – Microsoft Windows Win32k Vulnerability Exploited in the Wild
May 10, 2023
Severity
High
Analysis Summary
CVE-2023-2457 CVSS:8.8
Google ChromeOS could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CVE-2023-2458 CVSS:8.8
Google ChromeOS could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in Ash. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2023-2457
- CVE-2023-2458
Affected Vendors
Affected Products
- Google ChromeOS 113
Remediation
Upgrade to the latest version of ChromeOS, available from the Google Chrome Releases Web site.