CVE-2024-7979

CVSS 3.1 Score 7.0 of 10 (high)

Details

Published Aug 21, 2024
Updated: Aug 22, 2024
CWE ID 345

Summary

CVE-2024-7979 is a vulnerability affecting Google Chrome on Windows versions prior to 128.0.6613.84, caused by insufficient data validation in the Installer that allows local attackers to perform privilege escalation via crafted symbolic links. This security flaw has been assigned a medium severity rating by Chromium but has a high base score of 7.0 in other assessments, indicating significant potential impact, particularly on confidentiality and integrity. To remediate this vulnerability, organizations are advised to update Google Chrome to the latest version immediately. The vulnerability poses risks such as unauthorized access and control over affected systems, which could compromise sensitive data and overall system integrity. Local exploitation of this vulnerability requires low privileges and no user interaction, making it particularly concerning for organizations with inadequate security measures in place.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share