Request a Demo
Rewterz
Multiple Adobe Products Vulnerabilities
July 26, 2024
Rewterz
CrowdStrike Alerts Users to New Phishing Scheme Aimed at Germany – Active IOCs
July 26, 2024

Multiple Google Chrome Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-6999 CVSS:6.5

Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in FedCM. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.

CVE-2024-6995 CVSS:6.5

Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in Fullscreen. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.

CVE-2024-7004 CVSS:6.5

Google Chrome could allow a remote attacker to bypass security restrictions, caused by insufficient validation of untrusted input in Safe Browsing. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.

CVE-2024-6993 CVSS:6.5

Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in Canvas. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.

CVE-2024-7001 CVSS:6.5

Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in HTML. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.

CVE-2024-7003 CVSS:6.5

Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in FedCM. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.

CVE-2024-7005 CVSS:6.5

Google Chrome could allow a remote attacker to bypass security restrictions, caused by insufficient validation of untrusted input in Safe Browsing. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.

Impact

  • Security Bypass

Indicators of Compromise

CVE

  • CVE-2024-6999
  • CVE-2024-6995
  • CVE-2024-7004
  • CVE-2024-6993
  • CVE-2024-7001
  • CVE-2024-7003
  • CVE-2024-7005

Affected Vendors

Google

Affected Products

  • Google Chrome 127.0

Remediation

Upgrade to the latest version of Google Chrome, available from the Google Chrome Releases Website.

Google Chrome Releases Website