Request a Demo
Rewterz
Rewterz Threat Alert –AZORult Malware – Active IOCs
August 2, 2021
Rewterz
Rewterz Threat Advisory –IBM QRadar User Behavior Analytics Vulnerability
August 3, 2021

Rewterz Threat Advisory –Multiple Google Chrome Security Vulnerabilities

Severity

High

Analysis Summary

CVE-2021-30597

Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in Browser UI. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.

CVE-2021-30596

Google Chrome could allow a remote attacker to bypass security restrictions, caused by incorrect security UI in Navigation. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.

CVE-2021-30594

Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in Page Info UI. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.

CVE-2021-30593

Google Chrome could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in Tab Strip. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to obtain sensitive information.

CVE-2021-30592

Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write in Tab Groups. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.

CVE-2021-30590

Google Chrome is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by Bookmarks. By persuading a victim to visit a specially crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.

Impact

  • Bypass Security
  • Privilege Escalation

Affected Vendors

Google

Affected Products

  • Google Chrome 92

Remediation

Upgrade to the latest version of Chrome (92.0.4515.131 or later).