CVE-2024-8198

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 28, 2024
Updated: Aug 30, 2024
CWE ID 122
CWE ID 787

Summary

CVE-2024-8198 is a high-severity vulnerability affecting Google Chrome versions prior to 128.0.6613.113, specifically due to a heap buffer overflow in the Skia graphics engine. This vulnerability allows a remote attacker to exploit heap corruption through a crafted HTML page, potentially compromising the renderer process without requiring any privileges from the user, though user interaction is needed. To remediate this issue, it is recommended that organizations update their Google Chrome installations to the latest version immediately. The potential risks include significant impacts on confidentiality and integrity, with high availability impact as well. The attack vector is over the network, making it crucial for users and organizations to ensure they are protected against this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share