CVE-2023-5475

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Oct 11, 2023

Updated: Jan 31, 2024

Summary

CVE-2023-5475 is a medium severity vulnerability affecting Google Chrome's DevTools prior to version 118.0.5993.70. An attacker could exploit this inappropriate implementation by convincing a user to install a malicious extension, thereby bypassing discretionary access control. This issue grants unintended privileges to the malicious extension, potentially leading to sensitive information disclosure or other malicious activities.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sHq2J9
https://www.cve.org/CVERecord?id=CVE-2023-5475
https://nvd.nist.gov/vuln/detail/CVE-2023-5475

Back to Vulnerability Database

CVE-2023-5475

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations