CVE-2024-8033

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Aug 21, 2024
Updated: Aug 22, 2024

Summary

CVE-2024-8033 is a vulnerability in Google Chrome versions prior to 128.0.6613.84, affecting multiple products that integrate with the browser, which allows for UI spoofing through a maliciously crafted HTML page when users are tricked into installing an application. The vulnerability has been rated with a medium base severity score of 4.3 and requires user interaction to exploit, making its potential danger manageable but still concerning as it can lead to user deception and trust issues within applications. To remediate this issue, users should update their Google Chrome installations to version 128.0.6613.84 or later, where the vulnerability has been addressed. Failure to address this flaw may expose organizations to phishing attacks or other social engineering tactics that could compromise user credentials or sensitive information. More details can be found in Google's release notes and the Chromium issue tracker linked in the references.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share