CVE-2023-5853
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Summary
CVE-2023-5853 is a vulnerability that affects Google Chrome versions prior to 119.0.6045.105. It involves an incorrect security UI in the Downloads feature, allowing a remote attacker to obfuscate security UI through a crafted HTML page. The vulnerability has a medium severity level according to Chromium's security severity scale. The CVE ID indicates that it has been rated with a base score of 4.3 and a base severity of medium. The exploitability score is 2.8, and it requires user interaction to be successfully exploited. The attack vector is through the network, and the impact on integrity is considered low, while confidentiality is not impacted. The remediation for this vulnerability is to update Google Chrome to version 119.0.6045.105 or later, which includes the necessary security fixes to address this issue. Organizations should prioritize this patch as it poses a potential danger by allowing attackers to obfuscate security UI, potentially leading to further malicious activities or exploitation of user data.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions