CVE-2024-7980

Summary

CVE-2024-7980 is a vulnerability affecting the Installer in Google Chrome on Windows versions prior to 128.0.6613.84, allowing local attackers to exploit insufficient data validation through crafted symbolic links for privilege escalation. The associated risk includes a high impact on integrity and confidentiality, with an overall severity score of 7.3, indicating potential severe security breaches if exploited. Remediation involves updating Google Chrome to at least version 128.0.6613.84 to mitigate this vulnerability effectively. Organizations are advised to implement this update promptly as the vulnerability poses a significant threat when exploited, requiring low privileges and user interaction for successful attacks. Relevant details about this vulnerability can be found in published references from Chromium's security updates and issue tracking systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.