CVE-2024-9120

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Sep 25, 2024
Updated: Sep 26, 2024
CWE ID 416

Summary

CVE-2024-9120 is a vulnerability found in Google Chrome on Windows versions prior to 129.0.6668.70, which allows remote attackers to exploit heap corruption through a specially crafted HTML page. The affected products include multiple variants of Chrome, as detailed in the extensive list provided. To mitigate this vulnerability, users should update their Chrome installations to the latest version available, specifically 129.0.6668.70 or later. The potential danger posed by this vulnerability is significant, as it has a high severity rating with a CVSS score of 8.8, indicating that successful exploitation can lead to high impacts on confidentiality, integrity, and availability of the system without requiring any privileges from the user. User interaction is necessary for an attack to succeed, but once executed, it could result in severe consequences for organizational security.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share