Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities

Rewterz Threat Alert – SideWinder APT Group aka Rattlesnake – Active IOCs

October 16, 2023

Rewterz Threat Advisory – Multiple Apache Airflow Vulnerabilities

October 16, 2023

Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2023-5474 CVSS:8.8

Google Chrome is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by PDF. By persuading a victim to visit a specially crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.

CVE-2023-5485 CVSS:4.3

Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in Autofill. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.

Impact

Gain Access
Buffer Overflow
Security Bypass

Indicators Of Compromise

CVE

CVE-2023-5474
CVE-2023-5485

Affected Vendors

Google

Affected Products

Google Chrome 118.0

Remediation

Upgrade to the latest version of Google Chrome, available from the Google Chrome Releases Web site.

Google Chrome Releases Web site

Rewterz Threat Alert – SideWinder APT Group aka Rattlesnake – Active IOCs

Rewterz Threat Advisory – Multiple Apache Airflow Vulnerabilities

Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan