Multiple Google Chrome Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-9963 CVSS:6.5

Google Chrome could allow a remote attacker to bypass security restrictions, caused by insufficient data validation in Downloads. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.

CVE-2024-9962 CVSS:6.5

Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in Permissions. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.

CVE-2024-9964 CVSS:6.5

Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in Payments. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.

Impact

Security Bypass

Indicators of Compromise

CVE

CVE-2024-9963
CVE-2024-9962
CVE-2024-9964

Affected Vendors

Google

Affected Products

Google Chrome - 130.0
Google Chrome - 130.0.6723.58

Remediation

Upgrade to the latest version of Google Chrome, available from the Google Chrome Releases Website.

Google Chrome Releases Website

APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Operation – Active IOCs

DarkCrystal RAT aka DCRat – Active IOCs

Multiple Google Chrome Vulnerabilities

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan