CVE-2024-8904

Summary

CVE-2024-8904 is a vulnerability in the V8 engine of Google Chrome, affecting versions prior to 129.0.6668.58, which can allow remote attackers to exploit heap corruption via a specially crafted HTML page. This vulnerability has been rated as having high severity, with a CVSS base score of 8.8, indicating significant risks to both confidentiality and integrity of data. Organizations using affected versions may face serious security threats if exploited, as the attack can be executed over a network with minimal user interaction required. To remediate this issue, users are advised to update their Google Chrome browser to the latest version available from official channels. Further details and updates regarding this vulnerability can be found on the Chromium project's issue tracker and Google’s Chrome releases blog.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.