Heap Corruption Vulnerability in Google Chrome on Android
CVE-2024-10826

8.8HIGH

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 6 November 2024

Badges

👾 Exploit Exists📰 News Worthy

Summary

A use after free vulnerability exists in the Family Experiences component of Google Chrome for Android prior to version 130.0.6723.116. This vulnerability may enable a remote attacker to exploit heap corruption through a specially crafted HTML page. Attackers can leverage this flaw to compromise system integrity and potentially execute unauthorized actions. It is crucial for users to update their browser to the latest version to protect against this vulnerability.

News Articles

The Cyber Express

CVE-2024-10826 CVE-2024-10827

Cert-In Reports Vulnerabilities In Google Chrome

CERT-In reports critical vulnerabilities in Google Chrome that could lead to code execution, data theft, and system crashes.

References

https://chromereleases.googleblog.com/2024/11/stable-chan...

https://issues.chromium.org/issues/370217726

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

👾
Exploit known to exist
Nov 12, 2024
📰
First article discovered by The Cyber Express
Nov 12, 2024
Vulnerability published
Nov 6, 2024

Key Information:

Badges

Summary

Get notified when SecurityVulnerability.io launches alerting 🔔

News Articles

Cert-In Reports Vulnerabilities In Google Chrome

References

CVSS V3.1

Timeline