Heap Corruption Vulnerability in Google Chrome on Android
CVE-2024-10826

8.8HIGH

Key Information:

Vendor

Google
Status
Chrome
Vendor
CVE Published:
6 November 2024

Badges

👾 Exploit Exists📰 News Worthy

What is CVE-2024-10826?

A use after free vulnerability exists in the Family Experiences component of Google Chrome for Android prior to version 130.0.6723.116. This vulnerability may enable a remote attacker to exploit heap corruption through a specially crafted HTML page. Attackers can leverage this flaw to compromise system integrity and potentially execute unauthorized actions. It is crucial for users to update their browser to the latest version to protect against this vulnerability.

News Articles

favicon imageThe Cyber Express

Cert-In Reports Vulnerabilities In Google Chrome

CERT-In reports critical vulnerabilities in Google Chrome that could lead to code execution, data theft, and system crashes.

References

https://chromereleases.googleblog.com/2024/11/stable-chan...
https://issues.chromium.org/issues/370217726

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • 👾

    Exploit known to exist

  • 📰

    First article discovered by The Cyber Express

  • Vulnerability published

.