CVE-2024-6999

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Aug 6, 2024
Updated: Oct 30, 2024

Summary

CVE-2024-6999 is a medium severity vulnerability affecting FedCM in Google Chrome before version 127.0.6533.72. An attacker can exploit this issue by convincing a user to interact with a specially crafted HTML page, leading to UI spoofing. The vulnerability stems from an inappropriate implementation in FedCM, allowing the attacker to manipulate the user interface remotely. This issue could potentially lead to phishing attacks or data theft, underscoring the importance of updating Google Chrome to the latest version.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share