Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2023-23374

8.3HIGH

Key Information:

Vendor: Microsoft
Status: Microsoft Edge For Android
Vendor: CVE Published:; 14 February 2023

What is CVE-2023-23374?

A vulnerability in Microsoft Edge (Chromium-based) allows attackers to execute arbitrary code on the affected system. This flaw arises from improper handling of objects in memory, which could enable an attacker to exploit this vulnerability, potentially leading to unauthorized information disclosure or system compromise. Users are urged to update to the latest version to mitigate risks associated with this vulnerability.

Affected Version(s)

Microsoft Edge for Android Unknown 1.0.0 < 110.0.1587.41

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

8.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 14, 2023
Vulnerability Reserved
Jan 11, 2023