CVE-2024-3838

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Apr 17, 2024
Updated: Aug 6, 2024
CWE ID 358

Summary

CVE-2024-3838 represents a medium severity vulnerability in Google Chrome's Autofill feature, prior to version 124.0.6367.60. Malicious applications could exploit this inappropriate implementation to carry out UI spoofing attacks, tricking users into revealing sensitive information. The flaw occurs when an attacker convinces a user to install the malicious app, allowing them to take advantage of the vulnerability and manipulate the interface.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share