CVSS 3.1 Score 8.8 of 10 (high)


Published Jan 30, 2024
Updated: Feb 5, 2024
CWE ID 416


CVE-2024-1077, a vulnerability in Google Chrome prior to version 121.0.6167.139, allows a remote attacker to potentially exploit heap corruption through a malicious file, posing a high risk to organizations. The affected products include various versions of Google Chrome such as 'b_v-e7', 'nyUTpQ', and 'QtrC2m'. Remediation involves updating to the latest version of Google Chrome (version 121.0.6167.139 or later). The vulnerability has a base severity score of 8.8 and an impact score of 5.9, with no privileges required for exploitation but user interaction being necessary. The attack vector is through the network and it can lead to high integrity and confidentiality impacts with a low attack complexity. This information comes from the National Vulnerability Database (NVD) provided by

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-1077 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options