CVE-2022-4912

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jul 29, 2023
Updated: Aug 19, 2023
CWE ID 843

Summary

CVE-2022-4912 is a type confusion vulnerability affecting Google Chrome versions prior to 105.0.5195.52. Maliciously crafted HTML pages could potentially exploit this issue to cause heap corruption, leading to significant security risks. The Chromium team has classified this vulnerability as high severity. In more detail, a type confusion flaw is identified in MathML processing within Google Chrome. An attacker could construct an HTML page that, when loaded, would exploit this vulnerability to manipulate memory unintentionally. This could result in heap corruption, potentially allowing the attacker to execute arbitrary code or gain control of the affected system. This vulnerability poses a significant threat as it can be exploited through a user's web browser without requiring any user interaction beyond visiting the malicious page. Therefore, it's crucial for users to keep their Google Chrome browser updated to the latest version (105.0.5195.52 or later) to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2022-4912 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
  • Gain complete coverage of your cyber, third party, and physical attack surface
  • Proactively mitigate threats before they turn into costly attacks
  • Make fast, effective, data-driven decisions