CVE-2023-36026

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Nov 16, 2023
Updated: Nov 23, 2023

Summary

CVE-2023-36026 is a new spoofing vulnerability affecting Microsoft Edge browsers based on Chromium. This issue allows malicious actors to manipulate the display of web pages in such a way that users may be deceived into believing they are interacting with a legitimate site, when in fact they are on a fraudulent one. The attacker can use this vulnerability to mimic trusted websites, potentially stealing sensitive information or tricking users into installing malware. Microsoft is currently working on a patch to address this issue, and users are advised to keep their browsers updated to protect against exploitation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Edge Chromium

Affected Vendors

  • Microsoft