CVE-2024-8639

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Sep 11, 2024
Updated: Sep 13, 2024
CWE ID 416

Summary

CVE-2024-8639 is a vulnerability affecting Google Chrome on Android versions prior to 128.0.6613.137, which allows remote attackers to exploit heap corruption through a malicious HTML page. This vulnerability has a high severity rating (base score of 8.8) and poses significant risks, including potential data breaches and unauthorized access, as it can compromise both confidentiality and integrity of user data. To mitigate this issue, users are advised to update their Chrome browsers to the latest version immediately. The exploit requires user interaction and is classified under CWE-416 for "Use After Free." Organizations must be vigilant as the attack vector is over the network, indicating that it could affect users if they visit compromised web pages.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share