CVE-2024-7974

Summary

CVE-2024-7974 is a vulnerability in the V8 API of Google Chrome prior to version 128.0.6613.84, which allows remote attackers to exploit heap corruption through a crafted Chrome extension due to insufficient data validation. Affected products include a variety of applications that utilize this version of Chrome. The security risk is assessed as medium, with a base severity rating of high (8.8) according to the CVSS v3.1, indicating significant potential for impact on confidentiality and integrity if successfully exploited. To remediate this vulnerability, organizations should ensure they update their Google Chrome installations to the latest version available. Exploitation requires user interaction and poses serious risks, including potential data compromise and system integrity breaches.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.