CVE-2024-8638

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Sep 11, 2024
Updated: Sep 13, 2024
CWE ID 843
CWE ID 416

Summary

CVE-2024-8638 identifies a type confusion vulnerability in the V8 engine of Google Chrome versions prior to 128.0.6613.137, which could allow remote attackers to exploit object corruption through a specially crafted HTML page. Affected products primarily include various builds of Google Chrome, potentially impacting users and organizations that utilize these versions. The vulnerability has been assigned a high severity rating, with a CVSS score of 8.8, indicating significant risks regarding confidentiality, integrity, and availability due to its high potential for exploitation via network attacks requiring user interaction. To remediate this issue, it is crucial for organizations to update their versions of Google Chrome to the latest release available as per the Google Chrome Release Notes. Without prompt action, organizations face substantial risks including unauthorized access and data corruption stemming from potential exploitation by malicious actors.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share