CVSS 3.1 Score 4.3 of 10 (medium)


Published Nov 1, 2023
Updated: Jan 31, 2024
CWE ID 346


CVE-2023-5853 is a vulnerability that affects Google Chrome versions prior to 119.0.6045.105. It involves an incorrect security UI in the Downloads feature, allowing a remote attacker to obfuscate security UI through a crafted HTML page. The vulnerability has a medium severity level according to Chromium's security severity scale. The CVE ID indicates that it has been rated with a base score of 4.3 and a base severity of medium. The exploitability score is 2.8, and it requires user interaction to be successfully exploited. The attack vector is through the network, and the impact on integrity is considered low, while confidentiality is not impacted. The remediation for this vulnerability is to update Google Chrome to version 119.0.6045.105 or later, which includes the necessary security fixes to address this issue. Organizations should prioritize this patch as it poses a potential danger by allowing attackers to obfuscate security UI, potentially leading to further malicious activities or exploitation of user data.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-5853 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options