ID CVE-2021-21148 Type cve Reporter chrome-cve-admin@google.com Modified 2021-05-17T19:56:00
Description
Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
{"id": "CVE-2021-21148", "bulletinFamily": "NVD", "title": "CVE-2021-21148", "description": "Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "published": "2021-02-09T16:15:00", "modified": "2021-05-17T19:56:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-21148", "reporter": "chrome-cve-admin@google.com", "references": ["https://www.debian.org/security/2021/dsa-4858", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ACWYJ74Z3YN2XH4QMUEGNBC3VXX464L/", "https://security.gentoo.org/glsa/202104-08", "http://packetstormsecurity.com/files/162579/Chrome-Array-Transfer-Bypass.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUQSMNV7INLDDSD3RKI5S5EAULX2QC7P/", "https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.html", "https://crbug.com/1170176"], "cvelist": ["CVE-2021-21148"], "type": "cve", "lastseen": "2021-05-18T01:52:42", "edition": 10, "viewCount": 89, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2021-21148"]}, {"type": "attackerkb", "idList": ["AKB:B61D2687-96CE-4CE9-939F-9E35DA7814C4", "AKB:C300BC5A-FE8F-4274-AFA8-C1F47411FEC1"]}, {"type": "mscve", "idList": ["MS:CVE-2021-21148"]}, {"type": "nessus", "idList": ["MICROSOFT_EDGE_CHROMIUM_88_0_705_63.NASL", "OPENSUSE-2021-267.NASL", "FEDORA_2021-7FB30B9381.NASL", "701323.PASL", "GOOGLE_CHROME_88_0_4324_150.NASL", "FEDORA_2021-05AFA65D39.NASL", "DEBIAN_DSA-4858.NASL", "MACOSX_GOOGLE_CHROME_88_0_4324_150.NASL", "FREEBSD_PKG_3E01AAD2680E11EB83E2E09467587C17.NASL", "OPENSUSE-2021-296.NASL"]}, {"type": "freebsd", "idList": ["3E01AAD2-680E-11EB-83E2-E09467587C17"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:AC714CB24C401F36B220E29C6D2B049F", "MALWAREBYTES:390E663F11CA04293C83488A40CB3A8A"]}, {"type": "kaspersky", "idList": ["KLA12063", "KLA12062", "KLA12179"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2021:0413-1", "OPENSUSE-SU-2021:0276-1", "OPENSUSE-SU-2021:0973-1", "OPENSUSE-SU-2021:1016-1", "OPENSUSE-SU-2021:0296-1", "OPENSUSE-SU-2021:0267-1"]}, {"type": "threatpost", "idList": ["THREATPOST:88DD5812D3C8652E304F32507E4F68DD", "THREATPOST:398E85215A3E7B7329EE3FED8F6374FF"]}, {"type": "thn", "idList": ["THN:EF50BA60FF5E3EF9AF1570FF5A2589A0", "THN:F197A729A4F49F957F9D5910875EBAAA", "THN:2E0F12E8B4294632DF7D326E9360976B", "THN:7D7C05739ECD847B8CDEEAF930C51BF8", "THN:C736174C6B0ADC38AA88BC58F30271DA", "THN:15BF409706D7240A5276C705732D745F", "THN:1A836FDDE57334BC4DAFA65E6DFA02E4"]}, {"type": "krebs", "idList": ["KREBS:1BEFD58F5124A2E4CA40BD9C1B49B9B7"]}, {"type": "fedora", "idList": ["FEDORA:4E16930B130B", "FEDORA:BB03930B3A56"]}, {"type": "archlinux", "idList": ["ASA-202102-4", "ASA-202102-6"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4858-1:7131E"]}, {"type": "securelist", "idList": ["SECURELIST:20C7BC6E3C43CD3D939A2E3EAE01D4C1"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:44EA89871AFF6881B909B9FD0E07034F"]}, {"type": "gentoo", "idList": ["GLSA-202104-08"]}], "modified": "2021-05-18T01:52:42", "rev": 2}, "exploitation": {"wildExploited": true, "wildExploitedSources": [{"type": "attackerkb", "idList": ["AKB:C300BC5A-FE8F-4274-AFA8-C1F47411FEC1", "AKB:B61D2687-96CE-4CE9-939F-9E35DA7814C4"]}], "modified": "2021-05-18T01:52:42"}, "score": {"value": 4.8, "vector": "NONE", "modified": "2021-05-18T01:52:42", "rev": 2}, "twitter": {"counter": 10, "tweets": [{"link": "https://twitter.com/Sjgowing1/status/1364148246780649472", "text": "CVE-2021-21148: Google Chrome Heap Buffer Overflow Vulnerability Exploited in the Wild"}, {"link": "https://twitter.com/CyberprotechPT/status/1361801315416997891", "text": "The Chrome remote code execution zero-day vulnerability (CVE-2021-21148), which allows a remote attacker to potentially compromise a system via a crafted HTML page, is being exploited in the wild. We recommend updating to at least Chrome 88.0.4324.150."}, {"link": "https://twitter.com/CyberSecDN/status/1362194383110475777", "text": "Google Chrome, Microsoft IE Zero-Days in Crosshairs - https://t.co/HHBkSmN0qr?amp=1 (CVE-2021-21148) via /SecurityWeek"}, {"link": "https://twitter.com/WolfgangSesin/status/1362289691891019778", "text": "New post from https://t.co/uXvPWJy6tj?amp=1 (CVE-2021-21148 (chrome, fedora)) has been published on https://t.co/Y68X23fgEN?amp=1"}, {"link": "https://twitter.com/GrupoICA_Ciber/status/1362688107422900224", "text": "GOOGLE\nM\u00faltiples vulnerabilidades de severidad alta en productos GOOGLE: \n\nCVE-2021-21146,CVE-2021-21145,CVE-2021-21144,CVE-2021-21143,CVE-2021-21142,CVE-2021-21148\n\nM\u00e1s info en: https://t.co/IRfSSiWGjH?amp=1\n/hashtag/ciberseguridad?src=hashtag_click /hashtag/grupoica?src=hashtag_click /hashtag/google?src=hashtag_click"}, {"link": "https://twitter.com/Kasperskybrasil/status/1361102938781982724", "text": "Atualiza\u00e7\u00e3o do Chrome para 88.0.4324.150 corrige falha perigosa (CVE-2021-21148) que hackers est\u00e3o explorando. Atualize seu navegador o mais r\u00e1pido poss\u00edvel!"}, {"link": "https://twitter.com/Kasperskybrasil/status/1361102938781982724", "text": "Atualiza\u00e7\u00e3o do Chrome para 88.0.4324.150 corrige falha perigosa (CVE-2021-21148) que hackers est\u00e3o explorando. Atualize seu navegador o mais r\u00e1pido poss\u00edvel!"}, {"link": "https://twitter.com/kaspersky/status/1366508703009144836", "text": " An important update for all users: update /hashtag/Google?src=hashtag_click Chrome immediately. https://t.co/ajpt3QWCTe?amp=1\n\nHackers are actively exploiting a dangerous vulnerability (CVE-2021-21148) in Google Chrome. Time to get to updating!"}, {"link": "https://twitter.com/GrupoICA_Ciber/status/1362326235913854977", "text": "GOOGLE\nM\u00faltiples vulnerabilidades de severidad alta en productos GOOGLE: \n\nCVE-2021-21146,CVE-2021-21145,CVE-2021-21144,CVE-2021-21143,CVE-2021-21142,CVE-2021-21148\n\nM\u00e1s info en: https://t.co/IRfSSiWGjH?amp=1\n/hashtag/ciberseguridad?src=hashtag_click /hashtag/grupoica?src=hashtag_click /hashtag/google?src=hashtag_click"}, {"link": "https://twitter.com/ipssignatures/status/1416050997345017857", "text": "The vuln CVE-2021-21148 has a tweet created 0 days ago and retweeted 7 times.\n/BleepinComputer/status/1415953853678342144\n/hashtag/Stfpd3a5dwzxaw?src=hashtag_click"}], "modified": "2021-05-18T01:52:42"}, "vulnersScore": 4.8}, "cpe": ["cpe:/o:debian:debian_linux:10.0", "cpe:/o:fedoraproject:fedora:32", "cpe:/o:fedoraproject:fedora:33"], "affectedSoftware": [{"cpeName": "fedoraproject:fedora", "name": "fedoraproject fedora", "operator": "eq", "version": "33"}, {"cpeName": "google:chrome", "name": "google chrome", "operator": "lt", "version": "88.0.4324.150"}, {"cpeName": "debian:debian_linux", "name": "debian debian linux", "operator": "eq", "version": "10.0"}, {"cpeName": "fedoraproject:fedora", "name": "fedoraproject fedora", "operator": "eq", "version": "32"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:google:chrome:88.0.4324.150:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "88.0.4324.150", "vulnerable": true}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "GLSA-202104-08", "refsource": "GENTOO", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202104-08"}, {"name": "https://crbug.com/1170176", "refsource": "MISC", "tags": ["Permissions Required"], "url": "https://crbug.com/1170176"}, {"name": "http://packetstormsecurity.com/files/162579/Chrome-Array-Transfer-Bypass.html", "refsource": "MISC", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/162579/Chrome-Array-Transfer-Bypass.html"}, {"name": "FEDORA-2021-7fb30b9381", "refsource": "FEDORA", "tags": ["Third Party Advisory", "Mailing List"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ACWYJ74Z3YN2XH4QMUEGNBC3VXX464L/"}, {"name": "https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.html", "refsource": "MISC", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.html"}, {"name": "FEDORA-2021-05afa65d39", "refsource": "FEDORA", "tags": ["Third Party Advisory", "Mailing List"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUQSMNV7INLDDSD3RKI5S5EAULX2QC7P/"}, {"name": "DSA-4858", "refsource": "DEBIAN", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2021/dsa-4858"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"], "cwe": ["CWE-787"], "scheme": null, "immutableFields": []}
{"ubuntucve": [{"lastseen": "2021-07-30T21:34:13", "description": "Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed\na remote attacker to potentially exploit heap corruption via a crafted HTML\npage.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[amurray](<https://launchpad.net/~amurray>) | The Debian chromium source package is called chromium-browser in Ubuntu \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | starting with Ubuntu 19.10, the chromium-browser package is just a script that installs the Chromium snap\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-02-09T00:00:00", "type": "ubuntucve", "title": "CVE-2021-21148", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21148"], "modified": "2021-02-09T00:00:00", "id": "UB:CVE-2021-21148", "href": "https://ubuntu.com/security/CVE-2021-21148", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "attackerkb": [{"lastseen": "2021-07-20T20:10:47", "description": "Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n \n**Recent assessments:** \n \n**gwillcox-r7** at February 05, 2021 4:25pm UTC reported:\n\nReported as exploited in the wild at <https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.html>. Several news articles such as <https://www.theverge.com/2021/2/5/22267872/chrome-88-zero-day-vulnerability-government-backed-hackers-security-researchers> have suggested that given the timing of this bug, and that it was reported one day before Google\u2019s report on the North Korea hackers targeting security researchers (see <https://www.theverge.com/2021/1/26/22250060/google-threat-analysis-group-north-korean-hackers-cybersecurity-researchers-social-engineering>), it may be related to the 0day Chrome bug that was used by North Korean state actors in that engagement.\n\nGiven this is a remote heap overflow in the browser there may be some concerns regarding reliability though and whilst I\u2019m sure there will be public exploits for this bug, I do question how reliable they will be given the nature of trying to exploit heap exploits. I would imagine the exploit would take advantage of JavaScript to craft the heap appropriately. Therefore a temporary, but not recommended, precaution may be to disable JavaScript in Chrome until one can apply this update.\n\nPlease note that Chrome will automatically apply the update if you open and close your browser. However people do tend to keep Chrome open with many tabs and then suspend their PC at the end of the day, so its possible that these patches will likely see an uptick in application when the next Patch Tuesday or company wide patch cycle is enforced and people are forced to reboot their PCs to apply patches, and therefore restart Chrome.\n\nAssessed Attacker Value: 0 \nAssessed Attacker Value: 0Assessed Attacker Value: 0\n", "edition": 2, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-02-09T00:00:00", "type": "attackerkb", "title": "CVE-2021-21148", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21148"], "modified": "2021-02-13T00:00:00", "id": "AKB:B61D2687-96CE-4CE9-939F-9E35DA7814C4", "href": "https://attackerkb.com/topics/9stbF9rFqe/cve-2021-21148", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-20T20:10:26", "description": "Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n \n**Recent assessments:** \n \n**gwillcox-r7** at March 15, 2021 6:18am UTC reported:\n\nReported as exploited in the wild at <https://thehackernews.com/2021/03/another-google-chrome-0-day-bug-found.html> and at <https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_12.html>.\n\nThis bug seems to have scarce details from what I can tell online, however it appears to be a UAF bug within Blink that was reported by an anonymous researcher on 2021-03-09. The details for this bug are currently locked so that only Google employees can access it, but should it be opened to the public the details will be at <https://bugs.chromium.org/p/chromium/issues/detail?id=1186287>.\n\nAs per usual the advice to protect against UAF bugs in browsers is to disable JavaScript on untrusted websites via a plugin such as NoScript. Since most UAF\u2019s require JavaScript to be enabled to conduct exploitation, this will act as an effective mitigation in most cases, but users should not rely on this as their sole protection mechanism.\n\nIt is interesting to see that this is the third 0day exploited in the wild this year in Chrome, alongside CVE-2021-21166, a object lifecycle issue in the audio component, and CVE-2021-21148, a heap buffer overflow within the V8 scripting engine. Time will tell if this trend continues though, but it is interesting to see such an regular cadence of vulnerabilities being exploited in the wild.\n\nAssessed Attacker Value: 4 \nAssessed Attacker Value: 4Assessed Attacker Value: 3\n", "edition": 2, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-03-16T00:00:00", "type": "attackerkb", "title": "CVE-2021-21193", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21148", "CVE-2021-21166", "CVE-2021-21193"], "modified": "2021-03-24T00:00:00", "id": "AKB:C300BC5A-FE8F-4274-AFA8-C1F47411FEC1", "href": "https://attackerkb.com/topics/ACMmdhOpt2/cve-2021-21193", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "mscve": [{"lastseen": "2021-09-18T02:47:01", "description": "This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](<https://chromereleases.googleblog.com/2021>) for more information.\n\n**This CVE has been reported to be exploited in the wild.**\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-02-05T08:00:00", "type": "mscve", "title": "Chromium CVE-2021-21148: Heap buffer overflow in V8", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21148"], "modified": "2021-02-05T08:00:00", "id": "MS:CVE-2021-21148", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21148", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "kaspersky": [{"lastseen": "2021-08-18T10:58:34", "description": "### *Detect date*:\n02/05/2021\n\n### *Severity*:\nWarning\n\n### *Description*:\nA heap buffer overflow vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to cause denial of service.\n\n### *Affected products*:\nMicrosoft Edge (Chromium-based)\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2021-21148](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2021-21148>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[Microsoft Edge](<https://threats.kaspersky.com/en/product/Microsoft-Edge/>)\n\n### *CVE-IDS*:\n[CVE-2021-21148](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21148>)6.8High\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-02-05T00:00:00", "type": "kaspersky", "title": "KLA12063 DoS vulnerability in Microsoft Browser", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21148"], "modified": "2021-02-16T00:00:00", "id": "KLA12063", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12063/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-18T10:56:21", "description": "### *Detect date*:\n02/09/2021\n\n### *Severity*:\nHigh\n\n### *Description*:\nA heap buffer overflow vulnerability was found in Opera. Malicious users can exploit this vulnerability to cause denial of service.\n\n### *Affected products*:\nOpera earlier than 74.0.3911.107\n\n### *Solution*:\nUpdate to the latest version \n[Download Opera](<https://www.opera.com>)\n\n### *Original advisories*:\n[Changelog for Opera 74](<https://blogs.opera.com/desktop/changelog-for-74/#b3911.107>) \n[Stable Channel Update for Desktop](<https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.html>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[Opera](<https://threats.kaspersky.com/en/product/Opera/>)\n\n### *CVE-IDS*:\n[CVE-2021-21148](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21148>)6.8High", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-02-09T00:00:00", "type": "kaspersky", "title": "KLA12179 DoS vulnerability in Opera", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21148"], "modified": "2021-05-27T00:00:00", "id": "KLA12179", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12179/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-18T10:58:35", "description": "### *Detect date*:\n02/04/2021\n\n### *Severity*:\nHigh\n\n### *Description*:\nA heap buffer overflow vulnerability was found in Google Chrome. Malicious users can exploit this vulnerability to cause denial of service.\n\n### *Affected products*:\nGoogle Chrome earlier than 88.0.4324.150\n\n### *Solution*:\nUpdate to the latest version \n[Download Google Chrome](<https://www.google.com/chrome/>)\n\n### *Original advisories*:\n[Stable Channel Update for Desktop](<https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.html>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[Google Chrome](<https://threats.kaspersky.com/en/product/Google-Chrome/>)\n\n### *CVE-IDS*:\n[CVE-2021-21148](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21148>)6.8High", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-02-04T00:00:00", "type": "kaspersky", "title": "KLA12062 DoS vulnerability in Google Chrome", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21148"], "modified": "2021-05-12T00:00:00", "id": "KLA12062", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12062/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-08-19T12:03:16", "description": "The version of Google Chrome installed on the remote host is prior to 88.0.4324.150. It is, therefore, affected by a vulnerability as referenced in the 2021_02_stable-channel-update-for-desktop_4 advisory. Note that Nessus Network Monitor has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": null, "vector": null}, "published": "2021-04-14T00:00:00", "type": "nessus", "title": "Google Chrome < 88.0.4324.150 Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-21148"], "modified": "2021-04-14T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "701323.PASL", "href": "https://www.tenable.com/plugins/nnm/701323", "sourceData": "Binary data 701323.pasl", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-13T00:38:38", "description": "Chrome Releases reports :\n\n[1170176] High CVE-2021-21148: Heap buffer overflow in V8. Reported by Mattias Buelens on 2021-01-24. Google is aware of reports that an exploit for CVE-2021-21148 exists in the wild.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-02-08T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- heap buffer overflow in V8 (3e01aad2-680e-11eb-83e2-e09467587c17)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-21148"], "modified": "2021-05-18T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_3E01AAD2680E11EB83E2E09467587C17.NASL", "href": "https://www.tenable.com/plugins/nessus/146288", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(146288);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/18\");\n\n script_cve_id(\"CVE-2021-21148\");\n\n script_name(english:\"FreeBSD : chromium -- heap buffer overflow in V8 (3e01aad2-680e-11eb-83e2-e09467587c17)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Chrome Releases reports :\n\n[1170176] High CVE-2021-21148: Heap buffer overflow in V8. Reported by\nMattias Buelens on 2021-01-24. Google is aware of reports that an\nexploit for CVE-2021-21148 exists in the wild.\"\n );\n # https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?37649cd6\"\n );\n # https://vuxml.freebsd.org/freebsd/3e01aad2-680e-11eb-83e2-e09467587c17.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?74b0c890\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-21148\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<88.0.4324.150\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-13T00:37:36", "description": "The version of Microsoft Edge installed on the remote Windows host is prior to 88.0.705.63. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-21148 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-02-08T00:00:00", "type": "nessus", "title": "Microsoft Edge (Chromium) < 88.0.705.63 Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-21148"], "modified": "2021-05-17T00:00:00", "cpe": ["cpe:/a:microsoft:edge"], "id": "MICROSOFT_EDGE_CHROMIUM_88_0_705_63.NASL", "href": "https://www.tenable.com/plugins/nessus/146271", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146271);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/17\");\n\n script_cve_id(\"CVE-2021-21148\");\n\n script_name(english:\"Microsoft Edge (Chromium) < 88.0.705.63 Vulnerability\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an web browser installed that is affected by a vulnerability\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Microsoft Edge installed on the remote Windows host is prior to 88.0.705.63. It is, therefore, affected\nby a vulnerability as referenced in the CVE-2021-21148 advisory. Note that Nessus has not tested for this issue but has\ninstead relied only on the application's self-reported version number.\");\n # https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-21148\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c8284af6\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Microsoft Edge version 88.0.705.63 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-21148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_edge_chromium_installed.nbin\");\n script_require_keys(\"installed_sw/Microsoft Edge (Chromium)\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\napp_info = vcf::get_app_info(app:'Microsoft Edge (Chromium)', win_local:TRUE);\nconstraints = [\n { 'fixed_version' : '88.0.705.63' }\n];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-13T00:35:46", "description": "This update for chromium fixes the following issues :\n\nUpdate to 88.0.4324.150 boo#1181827\n\n - CVE-2021-21148: Heap buffer overflow in V8", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-02-10T00:00:00", "type": "nessus", "title": "openSUSE Security Update : chromium (openSUSE-2021-267)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-21148"], "modified": "2021-05-18T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debuginfo", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2021-267.NASL", "href": "https://www.tenable.com/plugins/nessus/146355", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2021-267.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(146355);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/18\");\n\n script_cve_id(\"CVE-2021-21148\");\n\n script_name(english:\"openSUSE Security Update : chromium (openSUSE-2021-267)\");\n script_summary(english:\"Check for the openSUSE-2021-267 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for chromium fixes the following issues :\n\nUpdate to 88.0.4324.150 boo#1181827\n\n - CVE-2021-21148: Heap buffer overflow in V8\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1181827\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-21148\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"chromedriver-88.0.4324.150-lp152.2.72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"chromedriver-debuginfo-88.0.4324.150-lp152.2.72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"chromium-88.0.4324.150-lp152.2.72.1\", allowmaj:TRUE) ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"chromium-debuginfo-88.0.4324.150-lp152.2.72.1\", allowmaj:TRUE) ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromedriver-debuginfo / chromium / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-13T00:34:53", "description": "This update for opera fixes the following issues :\n\n - Update to version 74.0.3911.107\n\n - CHR-8311 Update chromium on desktop-stable-88-3911 to 88.0.4324.150\n\n - DNA-90329 Implement client_capabilities negotiation for Flow / Sync\n\n - DNA-90560 [Search Tabs] Open Tabs On Top\n\n - DNA-90620 Add opauto tests for tab snoozing\n\n - DNA-90628 Update opauto tests after design changes\n\n - DNA-90818 Only 3 recently closed tabs are shown in a search mode\n\n - DNA-90911 Enable search-tabs-open-tabs-on-top on developer\n\n - DNA-90990 Crash at opera::AddressBarView::NotifyBoundsChanged()\n\n - DNA-90991 Opera doesn’t show version and ‘Relaunch’ button despite update is ready\n\n - DNA-91097 Crash at extensions::BrowserSidebarPrivateGetPremium ExtensionsInfoFunction::Run()\n\n - DNA-91163 [Win] “URL navigation filters”\n subpage doesn’t react on actions\n\n - DNA-91196 [Flow] Device capabilities is not properly saved in Local State\n\n - DNA-91276 Sidebar setup wont open\n\n - The update to chromium 88.0.4324.150 fixes following issues :\n\n - CVE-2021-21148 (1181827)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-02-16T00:00:00", "type": "nessus", "title": "openSUSE Security Update : opera (openSUSE-2021-296)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-21148"], "modified": "2021-05-18T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:opera", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2021-296.NASL", "href": "https://www.tenable.com/plugins/nessus/146501", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2021-296.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(146501);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/18\");\n\n script_cve_id(\"CVE-2021-21148\");\n\n script_name(english:\"openSUSE Security Update : opera (openSUSE-2021-296)\");\n script_summary(english:\"Check for the openSUSE-2021-296 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for opera fixes the following issues :\n\n - Update to version 74.0.3911.107\n\n - CHR-8311 Update chromium on desktop-stable-88-3911 to\n 88.0.4324.150\n\n - DNA-90329 Implement client_capabilities negotiation for\n Flow / Sync\n\n - DNA-90560 [Search Tabs] Open Tabs On Top\n\n - DNA-90620 Add opauto tests for tab snoozing\n\n - DNA-90628 Update opauto tests after design changes\n\n - DNA-90818 Only 3 recently closed tabs are shown in a\n search mode\n\n - DNA-90911 Enable search-tabs-open-tabs-on-top on\n developer\n\n - DNA-90990 Crash at\n opera::AddressBarView::NotifyBoundsChanged()\n\n - DNA-90991 Opera doesn’t show version and\n ‘Relaunch’ button despite update is ready\n\n - DNA-91097 Crash at\n extensions::BrowserSidebarPrivateGetPremium\n ExtensionsInfoFunction::Run()\n\n - DNA-91163 [Win] “URL navigation filters”\n subpage doesn’t react on actions\n\n - DNA-91196 [Flow] Device capabilities is not properly\n saved in Local State\n\n - DNA-91276 Sidebar setup wont open\n\n - The update to chromium 88.0.4324.150 fixes following\n issues :\n\n - CVE-2021-21148 (1181827)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1181827\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected opera package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:opera\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"opera-74.0.3911.107-lp152.2.34.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"opera\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-13T00:37:36", "description": "The version of Google Chrome installed on the remote Windows host is prior to 88.0.4324.150. It is, therefore, affected by a vulnerability as referenced in the 2021_02_stable-channel-update-for-desktop_4 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-02-04T00:00:00", "type": "nessus", "title": "Google Chrome < 88.0.4324.150 Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-21148"], "modified": "2021-05-17T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_88_0_4324_150.NASL", "href": "https://www.tenable.com/plugins/nessus/146204", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146204);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/17\");\n\n script_cve_id(\"CVE-2021-21148\");\n script_xref(name:\"IAVA\", value:\"2021-A-0071-S\");\n\n script_name(english:\"Google Chrome < 88.0.4324.150 Vulnerability\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is prior to 88.0.4324.150. It is, therefore, affected\nby a vulnerability as referenced in the 2021_02_stable-channel-update-for-desktop_4 advisory. Note that Nessus has not\ntested for this issue but has instead relied only on the application's self-reported version number.\");\n # https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?37649cd6\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1170176\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 88.0.4324.150 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-21148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('SMB/Google_Chrome/Installed');\ninstalls = get_kb_list('SMB/Google_Chrome/*');\n\ngoogle_chrome_check_version(installs:installs, fix:'88.0.4324.150', severity:SECURITY_WARNING, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-13T00:38:36", "description": "The version of Google Chrome installed on the remote macOS host is prior to 88.0.4324.150. It is, therefore, affected by a vulnerability as referenced in the 2021_02_stable-channel-update-for-desktop_4 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-02-04T00:00:00", "type": "nessus", "title": "Google Chrome < 88.0.4324.150 Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-21148"], "modified": "2021-05-17T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_88_0_4324_150.NASL", "href": "https://www.tenable.com/plugins/nessus/146205", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146205);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/17\");\n\n script_cve_id(\"CVE-2021-21148\");\n script_xref(name:\"IAVA\", value:\"2021-A-0071-S\");\n\n script_name(english:\"Google Chrome < 88.0.4324.150 Vulnerability\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS host is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote macOS host is prior to 88.0.4324.150. It is, therefore, affected by\na vulnerability as referenced in the 2021_02_stable-channel-update-for-desktop_4 advisory. Note that Nessus has not\ntested for this issue but has instead relied only on the application's self-reported version number.\");\n # https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?37649cd6\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1170176\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 88.0.4324.150 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-21148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('MacOSX/Google Chrome/Installed');\n\ngoogle_chrome_check_version(fix:'88.0.4324.150', severity:SECURITY_WARNING, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-13T00:35:20", "description": "The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-05afa65d39 advisory.\n\n - Use after free in Payments in Google Chrome on Mac prior to 88.0.4324.146 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (CVE-2021-21142)\n\n - Heap buffer overflow in Extensions in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (CVE-2021-21143)\n\n - Heap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (CVE-2021-21144)\n\n - Use after free in Fonts in Google Chrome prior to 88.0.4324.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-21145)\n\n - Use after free in Navigation in Google Chrome prior to 88.0.4324.146 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-21146)\n\n - Inappropriate implementation in Skia in Google Chrome prior to 88.0.4324.146 allowed a local attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2021-21147)\n\n - Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-21148)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-02-10T00:00:00", "type": "nessus", "title": "Fedora 33 : chromium (2021-05afa65d39)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-21142", "CVE-2021-21143", "CVE-2021-21144", "CVE-2021-21145", "CVE-2021-21146", "CVE-2021-21147", "CVE-2021-21148"], "modified": "2021-04-12T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:33", "p-cpe:/a:fedoraproject:fedora:chromium"], "id": "FEDORA_2021-05AFA65D39.NASL", "href": "https://www.tenable.com/plugins/nessus/146363", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n# The descriptive text and package checks in this plugin were\n# extracted from Fedora Security Advisory FEDORA-2021-05afa65d39\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146363);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/12\");\n\n script_cve_id(\n \"CVE-2021-21142\",\n \"CVE-2021-21143\",\n \"CVE-2021-21144\",\n \"CVE-2021-21145\",\n \"CVE-2021-21146\",\n \"CVE-2021-21147\",\n \"CVE-2021-21148\"\n );\n script_xref(name:\"FEDORA\", value:\"2021-05afa65d39\");\n\n script_name(english:\"Fedora 33 : chromium (2021-05afa65d39)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nFEDORA-2021-05afa65d39 advisory.\n\n - Use after free in Payments in Google Chrome on Mac prior to 88.0.4324.146 allowed a remote attacker to\n potentially perform a sandbox escape via a crafted HTML page. (CVE-2021-21142)\n\n - Heap buffer overflow in Extensions in Google Chrome prior to 88.0.4324.146 allowed an attacker who\n convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted\n Chrome Extension. (CVE-2021-21143)\n\n - Heap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who\n convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted\n Chrome Extension. (CVE-2021-21144)\n\n - Use after free in Fonts in Google Chrome prior to 88.0.4324.146 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-21145)\n\n - Use after free in Navigation in Google Chrome prior to 88.0.4324.146 allowed a remote attacker who had\n compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-21146)\n\n - Inappropriate implementation in Skia in Google Chrome prior to 88.0.4324.146 allowed a local attacker to\n spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2021-21147)\n\n - Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-21148)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2021-05afa65d39\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected chromium package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-21148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:33\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Fedora' >!< release) audit(AUDIT_OS_NOT, 'Fedora');\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^33([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 33', 'Fedora ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);\n\npkgs = [\n {'reference':'chromium-88.0.4324.150-1.fc33', 'release':'FC33', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromium');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-13T00:35:20", "description": "The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-7fb30b9381 advisory.\n\n - Use after free in Payments in Google Chrome on Mac prior to 88.0.4324.146 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (CVE-2021-21142)\n\n - Heap buffer overflow in Extensions in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (CVE-2021-21143)\n\n - Heap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (CVE-2021-21144)\n\n - Use after free in Fonts in Google Chrome prior to 88.0.4324.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-21145)\n\n - Use after free in Navigation in Google Chrome prior to 88.0.4324.146 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-21146)\n\n - Inappropriate implementation in Skia in Google Chrome prior to 88.0.4324.146 allowed a local attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2021-21147)\n\n - Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-21148)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-02-17T00:00:00", "type": "nessus", "title": "Fedora 32 : chromium (2021-7fb30b9381)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-21142", "CVE-2021-21143", "CVE-2021-21144", "CVE-2021-21145", "CVE-2021-21146", "CVE-2021-21147", "CVE-2021-21148"], "modified": "2021-04-12T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:32", "p-cpe:/a:fedoraproject:fedora:chromium"], "id": "FEDORA_2021-7FB30B9381.NASL", "href": "https://www.tenable.com/plugins/nessus/146559", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n# The descriptive text and package checks in this plugin were\n# extracted from Fedora Security Advisory FEDORA-2021-7fb30b9381\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146559);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/12\");\n\n script_cve_id(\n \"CVE-2021-21142\",\n \"CVE-2021-21143\",\n \"CVE-2021-21144\",\n \"CVE-2021-21145\",\n \"CVE-2021-21146\",\n \"CVE-2021-21147\",\n \"CVE-2021-21148\"\n );\n script_xref(name:\"FEDORA\", value:\"2021-7fb30b9381\");\n\n script_name(english:\"Fedora 32 : chromium (2021-7fb30b9381)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nFEDORA-2021-7fb30b9381 advisory.\n\n - Use after free in Payments in Google Chrome on Mac prior to 88.0.4324.146 allowed a remote attacker to\n potentially perform a sandbox escape via a crafted HTML page. (CVE-2021-21142)\n\n - Heap buffer overflow in Extensions in Google Chrome prior to 88.0.4324.146 allowed an attacker who\n convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted\n Chrome Extension. (CVE-2021-21143)\n\n - Heap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who\n convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted\n Chrome Extension. (CVE-2021-21144)\n\n - Use after free in Fonts in Google Chrome prior to 88.0.4324.146 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-21145)\n\n - Use after free in Navigation in Google Chrome prior to 88.0.4324.146 allowed a remote attacker who had\n compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-21146)\n\n - Inappropriate implementation in Skia in Google Chrome prior to 88.0.4324.146 allowed a local attacker to\n spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2021-21147)\n\n - Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-21148)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2021-7fb30b9381\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected chromium package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-21148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Fedora' >!< release) audit(AUDIT_OS_NOT, 'Fedora');\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^32([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 32', 'Fedora ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);\n\npkgs = [\n {'reference':'chromium-88.0.4324.150-1.fc32', 'release':'FC32', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromium');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-13T00:34:18", "description": "Several vulnerabilities have been discovered in the chromium web browser.\n\n - CVE-2021-21148 Mattias Buelens discovered a buffer overflow issue in the v8 JavaScript library.\n\n - CVE-2021-21149 Ryoya Tsukasaki discovered a stack overflow issue in the Data Transfer implementation.\n\n - CVE-2021-21150 Woojin Oh discovered a use-after-free issue in the file downloader.\n\n - CVE-2021-21151 Khalil Zhani discovered a use-after-free issue in the payments system.\n\n - CVE-2021-21152 A buffer overflow was discovered in media handling.\n\n - CVE-2021-21153 Jan Ruge discovered a stack overflow issue in the GPU process.\n\n - CVE-2021-21154 Abdulrahman Alqabandi discovered a buffer overflow issue in the Tab Strip implementation.\n\n - CVE-2021-21155 Khalil Zhani discovered a buffer overflow issue in the Tab Strip implementation.\n\n - CVE-2021-21156 Sergei Glazunov discovered a buffer overflow issue in the v8 JavaScript library.\n\n - CVE-2021-21157 A use-after-free issue was discovered in the Web Sockets implementation.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-02-22T00:00:00", "type": "nessus", "title": "Debian DSA-4858-1 : chromium - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-21148", "CVE-2021-21149", "CVE-2021-21150", "CVE-2021-21151", "CVE-2021-21152", "CVE-2021-21153", "CVE-2021-21154", "CVE-2021-21155", "CVE-2021-21156", "CVE-2021-21157"], "modified": "2021-05-18T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:chromium", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DSA-4858.NASL", "href": "https://www.tenable.com/plugins/nessus/146757", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4858. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(146757);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/18\");\n\n script_cve_id(\"CVE-2021-21148\", \"CVE-2021-21149\", \"CVE-2021-21150\", \"CVE-2021-21151\", \"CVE-2021-21152\", \"CVE-2021-21153\", \"CVE-2021-21154\", \"CVE-2021-21155\", \"CVE-2021-21156\", \"CVE-2021-21157\");\n script_xref(name:\"DSA\", value:\"4858\");\n\n script_name(english:\"Debian DSA-4858-1 : chromium - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several vulnerabilities have been discovered in the chromium web\nbrowser.\n\n - CVE-2021-21148\n Mattias Buelens discovered a buffer overflow issue in\n the v8 JavaScript library.\n\n - CVE-2021-21149\n Ryoya Tsukasaki discovered a stack overflow issue in the\n Data Transfer implementation.\n\n - CVE-2021-21150\n Woojin Oh discovered a use-after-free issue in the file\n downloader.\n\n - CVE-2021-21151\n Khalil Zhani discovered a use-after-free issue in the\n payments system.\n\n - CVE-2021-21152\n A buffer overflow was discovered in media handling.\n\n - CVE-2021-21153\n Jan Ruge discovered a stack overflow issue in the GPU\n process.\n\n - CVE-2021-21154\n Abdulrahman Alqabandi discovered a buffer overflow issue\n in the Tab Strip implementation.\n\n - CVE-2021-21155\n Khalil Zhani discovered a buffer overflow issue in the\n Tab Strip implementation.\n\n - CVE-2021-21156\n Sergei Glazunov discovered a buffer overflow issue in\n the v8 JavaScript library.\n\n - CVE-2021-21157\n A use-after-free issue was discovered in the Web Sockets\n implementation.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2021-21148\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2021-21149\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2021-21150\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2021-21151\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2021-21152\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2021-21153\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2021-21154\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2021-21155\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2021-21156\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2021-21157\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/chromium\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/chromium\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2021/dsa-4858\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the chromium packages.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 88.0.4324.182-1~deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-21157\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"chromium\", reference:\"88.0.4324.182-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"chromium-common\", reference:\"88.0.4324.182-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"chromium-driver\", reference:\"88.0.4324.182-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"chromium-l10n\", reference:\"88.0.4324.182-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"chromium-sandbox\", reference:\"88.0.4324.182-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"chromium-shell\", reference:\"88.0.4324.182-1~deb10u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "malwarebytes": [{"lastseen": "2021-02-12T13:10:41", "description": "A Chrome patch has been issued with an advisory stating that the Stable channel has been updated to 88.0.4324.150 for Windows, Mac and Linux. The only noteworthy thing about this update is a patch for a zero-day vulnerability that has been actively exploited in the wild. But that one looks to be extremely important.\n\n### Which zero-day got patched?\n\nPublicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. Its goal is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services). This zero-day got listed as [CVE-2021-21148](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21148>). From the [update announcement](<https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.html>) for this Chrome patch we can learn that the patch counters a heap buffer overflow in the V8 JavaScript engine, reported by Mattias Buelens on January 24, 2021.\n\n### What is a heap buffer overflow?\n\nHeap is the name for a region of a process\u2019 memory which is used to store dynamic variables. A buffer overflow is a type of software vulnerability that exists when an area of memory within a software application reaches its address boundary and writes into an adjacent memory region. In software exploit code, two common areas that are targeted for overflows are the stack and the heap.\n\nSo, by creating a specially crafted input, attackers could use this vulnerability to write code into a memory location where they normally wouldn\u2019t have access. Having this attack vector available as a zero-day in a popular browser is a golden opportunity for a watering hole.\n\nWatering holes are used as a targeted attack strategy. The attackers infect a website where they know their intended victim(s) will visit, or lure them to a site of their own making. Depending on the nature of the infection, the attackers can single out their intended target(s) or just infect anyone that visits the site unprotected. The watering hole strategy is a mix of social engineering, hacking, and drive-by infections that requires a high level of knowledge and a well-thought-out strategy.\n\n### How was this vulnerability used in the wild?\n\nBased on the timing of the discovery (January 24) and [this report](<https://blog.google/threat-analysis-group/new-campaign-targeting-security-researchers/>) by Google\u2019s Threat Analysis Group (TAG) issued on January 26, the general assumption is that the attack was used against security researchers working on vulnerability research and development at different companies and organizations. To connect and gain trust among security researchers, the actors created a research blog and multiple Twitter profiles to interact with potential targets.\n\nOne of the methods the attackers used was to interact with the researchers and get them to follow a link on Twitter to a write-up hosted on a malicious website. Shortly after the visit, a malicious service was installed on the researcher\u2019s system and an in-memory backdoor would begin to communicate with a [command and control (C&C)](<https://blog.malwarebytes.com/glossary/cc/>) server. This sure sounds like something that could be accomplished using a heap buffer overflow in a browser.\n\n### The update\n\nDespite its discovery, this exploit remains useful to cybercriminals. We advise everyone to update and get the latest version of Chrome as soon as possible. \n\nThe easiest way to do it is to allow Chrome to update automatically, which basically uses the same method as outlined below but does not require your attention. But you can end up lagging behind if you never close the browser or if something goes wrong, such as an extension stopping you from updating the browser. \n\nSo, it doesn\u2019t hurt to check now and then. And now would be a good time, given the zero-day vulnerability. My preferred method is to have Chrome open the page [chrome://settings/help](<https://settings/help>) which you can also find by clicking **Settings > About Chrome**.\n\nIf there is an update available, Chrome will notify you and start downloading it. Then it will tell you all you have to do to complete the update is **Relaunch **the browser.\n\n_After the update your version should be at 88.0.4324.150 or later_\n\nStay safe, everyone!\n\nThe post [Update now! Chrome patches zero-day that was exploited in the wild](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/02/update-now-chrome-patches-zero-day-that-was-exploited-in-the-wild/>) appeared first on [Malwarebytes Labs](<https://blog.malwarebytes.com>).", "edition": 2, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-02-05T12:14:04", "type": "malwarebytes", "title": "Update now! Chrome patches zero-day that was exploited in the wild", "bulletinFamily": "blog", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21148"], "modified": "2021-02-05T12:14:04", "id": "MALWAREBYTES:AC714CB24C401F36B220E29C6D2B049F", "href": "https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/02/update-now-chrome-patches-zero-day-that-was-exploited-in-the-wild/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-14T18:35:22", "description": "Google _[announced](<https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop.html>)_ on Monday that it will be issuing patches for 11 high severity vulnerabilities found in Chrome, including two that are currently being exploited in the wild. The patch, which is part of the Stable Channel Update for Chrome 93 (93.0.4577.82), will be released for Windows, Mac, and Linux (if it hasn\u2019t already). Chrome users are expected to see the roll out in the coming days and weeks.\n\nReaders should note that other popular browsers such as Brave and Edge are also Chromium-based and therefore likely to be vulnerable to these flaws too. Keep an eye out for updates.\n\nYou can check what version of Chrome you are running by opening About Google Chrome from the main menu.\n\nThe About Google Chrome screen tells you what version you are running and whether it is up to date\n\n### The vulnerabilities\n\nThe fixes address high severity vulnerabilities reported to Google by independent researchers from as early as August of this year. That said, the company has included names of the researchers who found the flaws in their announcement.\n\nThe two vulnerabilities that are being actively exploited\u2014namely, [CVE-2021-30632](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30632>) and [CVE-2021-30633](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30633>)\u2014were submitted anonymously. The former is an "Out of bounds write" flaw in the V8 JavaScript engine and the latter is a "Use after free" bug in the Indexed DB API.\n\nBecause threat actors are currently exploiting the two aforementioned vulnerabilities, Google provides little to no information on how the attacks against these weaknesses are being carried out, or other precautionary measures users should be looking out for. Per Google:\n\n> Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven\u2019t yet fixed.\n\n### V8, the thorn in Chrome's side?\n\nNobody will be surprised to see that one of the in-the-wild exploits affects Chrome's V8 engine. \n\nAt the heart of every modern web browser sits a JavaScript interpreter, a component that does much of the heavy lifting for interactive web apps. In Chrome, that interpreter is V8. These components need to accommodate frequent updates and adhere to a bewildering array of web standards, while also being both fast and secure.\n\nChrome's [V8](<https://v8.dev/>) JavaScript engine has been a significant source of security problems. So significant in fact, that in August Microsoft\u2014whose Edge browser is based on Chrome\u2014announced an experimental project called [Super Duper Secure Mode](<https://blog.malwarebytes.com/reports/2021/08/edges-super-duper-secure-mode-benchmarked-how-much-speed-would-you-trade-for-security/>) that aims to tackle the rash of V8 problems by simply turning an important part of it off.\n\nA little under half of the CVEs issued for V8 relate to its Just-in-Time (JIT) compiler, and more than half of all \u2018in-the-wild\u2019 Chrome exploits abuse JIT bugs. Just-in-time compilation is an important performance feature and turning it off is a direct trade of speed for security. How much? According our quick-and-dirty testing, turning off the JIT compiler makes JavaScript execution twice as slow in Edge.\n\n### 11 zero-days and counting\n\nTo date, the Google Chrome team has patched 11 zero-day vulnerabilities in 2021. Previous patches are from the following vulnerabilities, some of which we have covered here in the Malwarebytes Labs blog:\n\n * [_CVE-2021-21148_](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/02/update-now-chrome-patches-zero-day-that-was-exploited-in-the-wild/>)\n * [_CVE-2021-21166_](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/03/update-now-chrome-fix-patches-in-the-wild-zero-day/>)\n * CVE-2021-21193\n * [_CVE-2021-21206_](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/04/update-now-chrome-needs-patching-against-two-in-the-wild-exploits/>)\n * [_CVE-2021-21220_](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/04/update-now-chrome-needs-patching-against-two-in-the-wild-exploits/>)\n * CVE-2021-21224\n * CVE-2021-30551\n * CVE-2021-30554\n * CVE-2021-30563\n\nWith so much bad PR, you might expect Chrome's market share to suffer; yet, it remains by far the most popular browser. Users\u2014and the Google Chrome brand\u2014seem unaffected.\n\nMake sure you update your Chrome or Chromium-based browser once you see the patch available, or better still, make sure your browser is set to [update itself](<https://support.google.com/chrome/answer/95414?hl=en-GB&co=GENIE.Platform%3DDesktop#:~:text=Go%20to%20'About%20Google%20Chrome,Chrome%20to%20apply%20the%20update.>).\n\nStay safe!\n\nThe post [Update now! Google Chrome fixes two in-the-wild zero-days](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/09/patch-now-google-chrome-fixes-two-in-the-wild-zero-days/>) appeared first on [Malwarebytes Labs](<https://blog.malwarebytes.com>).", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-14T16:28:47", "type": "malwarebytes", "title": "Update now! Google Chrome fixes two in-the-wild zero-days", "bulletinFamily": "blog", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21148", "CVE-2021-21166", "CVE-2021-21193", "CVE-2021-21206", "CVE-2021-21220", "CVE-2021-21224", "CVE-2021-30551", "CVE-2021-30554", "CVE-2021-30563", "CVE-2021-30632", "CVE-2021-30633"], "modified": "2021-09-14T16:28:47", "id": "MALWAREBYTES:390E663F11CA04293C83488A40CB3A8A", "href": "https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/09/patch-now-google-chrome-fixes-two-in-the-wild-zero-days/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2021-07-28T14:32:30", "description": "\nChrome Releases reports:\n\n[1170176] High CVE-2021-21148: Heap buffer overflow in V8.\n\t Reported by Mattias Buelens on 2021-01-24. Google is aware of\n\t reports that an exploit for CVE-2021-21148 exists in the wild.\n\n", "edition": 3, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-02-04T00:00:00", "title": "chromium -- heap buffer overflow in V8", "type": "freebsd", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21148"], "modified": "2021-02-04T00:00:00", "id": "3E01AAD2-680E-11EB-83E2-E09467587C17", "href": "https://vuxml.freebsd.org/freebsd/3e01aad2-680e-11eb-83e2-e09467587c17.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2021-09-17T22:26:03", "description": "An update that fixes one vulnerability is now available.\n\nDescription:\n\n This update for opera fixes the following issues:\n\n - Update to version 74.0.3911.107\n - CHR-8311 Update chromium on desktop-stable-88-3911 to 88.0.4324.150\n - DNA-90329 Implement client_capabilities negotiation for Flow / Sync\n - DNA-90560 [Search Tabs] Open Tabs On Top\n - DNA-90620 Add opauto tests for tab snoozing\n - DNA-90628 Update opauto tests after design changes\n - DNA-90818 Only 3 recently closed tabs are shown in a search mode\n - DNA-90911 Enable search-tabs-open-tabs-on-top on developer\n - DNA-90990 Crash at opera::AddressBarView::NotifyBoundsChanged()\n - DNA-90991 Opera doesn\ufffd\ufffd\ufffdt show version and \ufffd\ufffd\ufffdRelaunch\ufffd\ufffd\ufffd button\n despite update is ready\n - DNA-91097 Crash at extensions::BrowserSidebarPrivateGetPremium\n ExtensionsInfoFunction::Run()\n - DNA-91163 [Win] \ufffd\ufffd\ufffdURL navigation filters\ufffd\ufffd\ufffd subpage doesn\ufffd\ufffd\ufffdt react\n on actions\n - DNA-91196 [Flow] Device capabilities is not properly saved in Local\n State\n - DNA-91276 Sidebar setup wont open\n - The update to chromium 88.0.4324.150 fixes following issues:\n - CVE-2021-21148 (1181827)\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.2:NonFree:\n\n zypper in -t patch openSUSE-2021-296=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-02-15T17:15:14", "type": "suse", "title": "Security update for opera (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21148"], "modified": "2021-02-15T17:15:14", "id": "OPENSUSE-SU-2021:0296-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/J3D452OYQTKXJQRO2OWRU5IM6SC2Y3TK/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-17T22:26:03", "description": "An update that fixes one vulnerability is now available.\n\nDescription:\n\n This update for chromium fixes the following issues:\n\n Update to 88.0.4324.150 boo#1181827\n\n - CVE-2021-21148: Heap buffer overflow in V8\n\n This update was imported from the openSUSE:Leap:15.2:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Backports SLE-15-SP2:\n\n zypper in -t patch openSUSE-2021-276=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-02-11T20:30:42", "type": "suse", "title": "Security update for chromium (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21148"], "modified": "2021-02-11T20:30:42", "id": "OPENSUSE-SU-2021:0276-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WRRV235H6DBC62DZZGTBUASQEOYUJUOQ/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-17T22:26:03", "description": "An update that fixes one vulnerability is now available.\n\nDescription:\n\n This update for chromium fixes the following issues:\n\n Update to 88.0.4324.150 boo#1181827\n\n - CVE-2021-21148: Heap buffer overflow in V8\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.2:\n\n zypper in -t patch openSUSE-2021-267=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-02-09T23:16:44", "type": "suse", "title": "Security update for chromium (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21148"], "modified": "2021-02-09T23:16:44", "id": "OPENSUSE-SU-2021:0267-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BZEZQO2PMEYX4NTXGJYF3SK3LVAZ4AS2/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-17T22:26:00", "description": "An update that fixes 10 vulnerabilities is now available.\n\nDescription:\n\n This update for opera fixes the following issues:\n\n - Update to version 74.0.3911.203\n - CHR-8324 Update chromium on desktop-stable-88-3911 to\n 88.0.4324.182(boo#1182358)\n - DNA-90762 Replace \ufffd\ufffd\ufffdDon\ufffd\ufffd\ufffdt show again\ufffd\ufffd\ufffd with \ufffd\ufffd\ufffdDiscard\ufffd\ufffd\ufffd\n - DNA-90974 Crash at\n opera::PersistentRecentlyClosedWindows::GetEntryType(SessionID)\n - DNA-91289 [Search tabs] Wrong tab stays highlighted after removing\n another tab\n - DNA-91476 Invalid memory dereference PlayerServiceBrowsertest\n - DNA-91502 Change system name on opera://about page for MacOS\n - DNA-91740 Missing title in Extensions Toolbar Menu\n - The update to chromium 88.0.4324.182 fixes following issues:\n CVE-2021-21149, CVE-2021-21150, CVE-2021-21151, CVE-2021-21152,\n CVE-2021-21153, CVE-2021-21154, CVE-2021-21155, CVE-2021-21156,\n CVE-2021-21157\n - Update to version 74.0.3911.160\n - DNA-90409 Cleanup Javascript dialogs: app modal & tab modal\n - DNA-90720 [Search Tabs] Allow discarding recently closed items\n - DNA-90802 [Windows] Debug fails on linking\n - DNA-91130 heap-use-after-free in\n CashbackBackendServiceTest.AutoUpdateSchedule\n - DNA-91152 Allow reading agent variables in trigger conditions\n - DNA-91225 [Search tabs] The webpage doesn\ufffd\ufffd\ufffdt move from \ufffd\ufffd\ufffdOpen\n tabs\ufffd\ufffd\ufffd to \ufffd\ufffd\ufffdRecently closed\ufffd\ufffd\ufffd section\n - DNA-91243 Add Rich Hint support for the cashback badge and popup\n - DNA-91483 component_unittests are timing out\n - DNA-91516 Sidebar setup opens only with cashback enabled\n - DNA-91601 No text in 1st line of address bar dropdown suggestions\n - DNA-91603 Jumbo build problem on desktop-stable-88-3911\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.2:NonFree:\n\n zypper in -t patch openSUSE-2021-413=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-03-15T23:16:56", "type": "suse", "title": "Security update for opera (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21148", "CVE-2021-21149", "CVE-2021-21150", "CVE-2021-21151", "CVE-2021-21152", "CVE-2021-21153", "CVE-2021-21154", "CVE-2021-21155", "CVE-2021-21156", "CVE-2021-21157"], "modified": "2021-03-15T23:16:56", "id": "OPENSUSE-SU-2021:0413-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NFEMB66XHIEXP6VOOQ4JIXBD6U5X4EIA/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-18T12:26:09", "description": "An update that fixes 29 vulnerabilities is now available.\n\nDescription:\n\n This update for libqt5-qtwebengine fixes the following issues:\n\n Update to version 5.15.3\n\n CVE fixes backported in chromium updates:\n\n - CVE-2020-16044: Use after free in WebRTC\n - CVE-2021-21118: Heap buffer overflow in Blink\n - CVE-2021-21119: Use after free in Media\n - CVE-2021-21120: Use after free in WebSQL\n - CVE-2021-21121: Use after free in Omnibox\n - CVE-2021-21122: Use after free in Blink\n - CVE-2021-21123: Insufficient data validation in File System API\n - CVE-2021-21125: Insufficient policy enforcement in File System API\n - CVE-2021-21126: Insufficient policy enforcement in extensions\n - CVE-2021-21127: Insufficient policy enforcement in extensions\n - CVE-2021-21128: Heap buffer overflow in Blink\n - CVE-2021-21129: Insufficient policy enforcement in File System API\n - CVE-2021-21130: Insufficient policy enforcement in File System API\n - CVE-2021-21131: Insufficient policy enforcement in File System API\n - CVE-2021-21132: Inappropriate implementation in DevTools\n - CVE-2021-21135: Inappropriate implementation in Performance API\n - CVE-2021-21137: Inappropriate implementation in DevTools\n - CVE-2021-21140: Uninitialized Use in USB\n - CVE-2021-21141: Insufficient policy enforcement in File System API\n - CVE-2021-21145: Use after free in Fonts\n - CVE-2021-21146: Use after free in Navigation\n - CVE-2021-21147: Inappropriate implementation in Skia\n - CVE-2021-21148: Heap buffer overflow in V8\n - CVE-2021-21149: Stack overflow in Data Transfer\n - CVE-2021-21150: Use after free in Downloads\n - CVE-2021-21152: Heap buffer overflow in Media\n - CVE-2021-21153: Stack overflow in GPU Process\n - CVE-2021-21156: Heap buffer overflow in V8\n - CVE-2021-21157: Use after free in Web Sockets\n\n This update was imported from the openSUSE:Leap:15.2:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Backports SLE-15-SP2:\n\n zypper in -t patch openSUSE-2021-1016=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-07-09T20:28:59", "type": "suse", "title": "Security update for libqt5-qtwebengine (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16044", "CVE-2021-21118", "CVE-2021-21119", "CVE-2021-21120", "CVE-2021-21121", "CVE-2021-21122", "CVE-2021-21123", "CVE-2021-21125", "CVE-2021-21126", "CVE-2021-21127", "CVE-2021-21128", "CVE-2021-21129", "CVE-2021-21130", "CVE-2021-21131", "CVE-2021-21132", "CVE-2021-21135", "CVE-2021-21137", "CVE-2021-21140", "CVE-2021-21141", "CVE-2021-21145", "CVE-2021-21146", "CVE-2021-21147", "CVE-2021-21148", "CVE-2021-21149", "CVE-2021-21150", "CVE-2021-21152", "CVE-2021-21153", "CVE-2021-21156", "CVE-2021-21157"], "modified": "2021-07-09T20:28:59", "id": "OPENSUSE-SU-2021:1016-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FA7FANKJNI72BRIWJCZ3TLBXXZJS7GLL/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-18T12:26:09", "description": "An update that fixes 29 vulnerabilities is now available.\n\nDescription:\n\n This update for libqt5-qtwebengine fixes the following issues:\n\n Update to version 5.15.3\n\n CVE fixes backported in chromium updates:\n\n - CVE-2020-16044: Use after free in WebRTC\n - CVE-2021-21118: Heap buffer overflow in Blink\n - CVE-2021-21119: Use after free in Media\n - CVE-2021-21120: Use after free in WebSQL\n - CVE-2021-21121: Use after free in Omnibox\n - CVE-2021-21122: Use after free in Blink\n - CVE-2021-21123: Insufficient data validation in File System API\n - CVE-2021-21125: Insufficient policy enforcement in File System API\n - CVE-2021-21126: Insufficient policy enforcement in extensions\n - CVE-2021-21127: Insufficient policy enforcement in extensions\n - CVE-2021-21128: Heap buffer overflow in Blink\n - CVE-2021-21129: Insufficient policy enforcement in File System API\n - CVE-2021-21130: Insufficient policy enforcement in File System API\n - CVE-2021-21131: Insufficient policy enforcement in File System API\n - CVE-2021-21132: Inappropriate implementation in DevTools\n - CVE-2021-21135: Inappropriate implementation in Performance API\n - CVE-2021-21137: Inappropriate implementation in DevTools\n - CVE-2021-21140: Uninitialized Use in USB\n - CVE-2021-21141: Insufficient policy enforcement in File System API\n - CVE-2021-21145: Use after free in Fonts\n - CVE-2021-21146: Use after free in Navigation\n - CVE-2021-21147: Inappropriate implementation in Skia\n - CVE-2021-21148: Heap buffer overflow in V8\n - CVE-2021-21149: Stack overflow in Data Transfer\n - CVE-2021-21150: Use after free in Downloads\n - CVE-2021-21152: Heap buffer overflow in Media\n - CVE-2021-21153: Stack overflow in GPU Process\n - CVE-2021-21156: Heap buffer overflow in V8\n - CVE-2021-21157: Use after free in Web Sockets\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.2:\n\n zypper in -t patch openSUSE-2021-973=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-07-06T02:15:44", "type": "suse", "title": "Security update for libqt5-qtwebengine (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16044", "CVE-2021-21118", "CVE-2021-21119", "CVE-2021-21120", "CVE-2021-21121", "CVE-2021-21122", "CVE-2021-21123", "CVE-2021-21125", "CVE-2021-21126", "CVE-2021-21127", "CVE-2021-21128", "CVE-2021-21129", "CVE-2021-21130", "CVE-2021-21131", "CVE-2021-21132", "CVE-2021-21135", "CVE-2021-21137", "CVE-2021-21140", "CVE-2021-21141", "CVE-2021-21145", "CVE-2021-21146", "CVE-2021-21147", "CVE-2021-21148", "CVE-2021-21149", "CVE-2021-21150", "CVE-2021-21152", "CVE-2021-21153", "CVE-2021-21156", "CVE-2021-21157"], "modified": "2021-07-06T02:15:44", "id": "OPENSUSE-SU-2021:0973-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "thn": [{"lastseen": "2021-03-13T04:28:52", "description": "[](<https://thehackernews.com/images/-QHv1N-h4fZY/YD8letBQzWI/AAAAAAAAB64/E1KslMnXt0oEcr7e27y2idTnPPl_nm3VQCLcBGAsYHQ/s0/chrome-hacking.jpg>)\n\nExactly a month after [patching](<https://thehackernews.com/2021/02/new-chrome-browser-0-day-under-active.html>) an actively exploited zero-day flaw in Chrome, Google today rolled out fixes for yet another zero-day vulnerability in the world's most popular web browser that it says is being abused in the wild.\n\nChrome 89.0.4389.72, released by the search giant for Windows, Mac, and Linux on Tuesday, comes with a total of 47 security fixes, the most severe of which concerns an \"object lifecycle issue in audio.\"\n\nTracked as CVE-2021-21166, the security flaw is one of the two bugs reported last month by Alison Huffman of Microsoft Browser Vulnerability Research on February 11. A separate object lifecycle flaw, also identified in the audio component, was reported to Google on February 4, the same day the stable version of Chrome 88 became available.\n\nWith no additional details, it's not immediately clear if the two security shortcomings are related.\n\n[](<https://thehackernews.com/images/--VPerofAuok/YD8mK08wMrI/AAAAAAAAB7I/VkM_Pg08vFQEvCxV3HbTbaDEd1HRja87QCLcBGAsYHQ/s0/hacking.jpg>)\n\nGoogle acknowledged that an exploit for the vulnerability exists in the wild but stopped short of sharing more specifics to allow a majority of users to install the fixes and prevent other threat actors from creating exploits targeting this zero-day.\n\n\"Google is aware of reports that an exploit for CVE-2021-21166 exists in the wild,\" Chrome Technical Program Manager Prudhvikumar Bommana [said](<https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop.html>).\n\nThis is the second zero-day flaw in Chrome that Google has addressed since the start of the year.\n\nOn February 4, the company [issued a fix](<https://thehackernews.com/2021/02/new-chrome-browser-0-day-under-active.html>) for an actively-exploited heap buffer overflow flaw (CVE-2021-21148) in its V8 JavaScript rendering engine. Additionally, Google last year [resolved five Chrome zero-days](<https://thehackernews.com/2020/11/two-new-chrome-0-days-under-active.html>) that were actively exploited in the wild in a span of one month between October 20 and November 12.\n\nChrome users can update to the latest version by heading to Settings > Help > About Google Chrome to mitigate the risk associated with the flaw.\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {}, "published": "2021-03-03T06:03:00", "type": "thn", "title": "New Chrome 0-day Bug Under Active Attacks \u2013 Update Your Browser ASAP!", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-21148", "CVE-2021-21166"], "modified": "2021-03-13T02:55:42", "id": "THN:EF50BA60FF5E3EF9AF1570FF5A2589A0", "href": "https://thehackernews.com/2021/03/new-chrome-0-day-bug-under-active.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-02-06T08:40:21", "description": "[](<https://thehackernews.com/images/-qsKUPh_-GYc/YBz2LhQRcgI/AAAAAAAABsU/xp30FnHWlk4M9WwbgZRSXy28jldlk3R2wCLcBGAsYHQ/s0/chrome-zero-day-vulnerability.jpg>)\n\nGoogle has patched a zero-day vulnerability in Chrome web browser for desktop that it says is being actively exploited in the wild.\n\nThe company released [88.0.4324.150](<https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.html>) for Windows, Mac, and Linux, with a fix for a heap buffer overflow flaw (CVE-2021-21148) in its V8 JavaScript rendering engine.\n\n\"Google is aware of reports that an exploit for CVE-2021-21148 exists in the wild,\" the company said in a statement.\n\nThe security flaw was reported to Google by Mattias Buelens on January 24.\n\n[](<https://go.thn.li/password-auditor> \"password auditor\" )\n\nPreviously on February 2, Google [addressed six issues in Chrome](<https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop.html>), including one critical use after free vulnerability in Payments (CVE-2021-21142) and four high severity flaws in Extensions, Tab Groups, Fonts, and Navigation features.\n\nWhile it's typical of Google to limit details of the vulnerability until a majority of users are updated with the fix, the development comes weeks after Google and Microsoft [disclosed](<https://thehackernews.com/2021/01/n-korean-hackers-targeting-security.html>) attacks carried out by North Korean hackers against security researchers with an elaborate social engineering campaign to install a Windows backdoor.\n\nWith some researchers infected simply by visiting a fake research blog on fully patched systems running Windows 10 and Chrome browser, Microsoft, in a report published on January 28, had hinted that the attackers likely leveraged a Chrome zero-day to compromise the systems.\n\nAlthough it's not immediately clear if CVE-2021-21148 was used in these attacks, the timing of the revelations and the fact that Google's advisory came out exactly one day after Buelens reported the issue implies they could be related.\n\nIn a separate technical write-up, South Korean cybersecurity firm ENKI [said](<https://enki.co.kr/blog/2021/02/04/ie_0day.html>) the North Korean state-sponsored hacking group known as Lazarus made an unsuccessful attempt at targeting its security researchers with malicious MHTML files that, when opened, downloaded two payloads from a remote server, one of which contained a zero-day against Internet Explorer.\n\n\"The secondary payload contains the attack code that attacks the vulnerability of the Internet Explorer browser,\" ENKI researchers said.\n\nIt's worth noting that Google last year [fixed five Chrome zero-days](<https://thehackernews.com/2020/11/two-new-chrome-0-days-under-active.html>) that were actively exploited in the wild in a span of one month between October 20 and November 12.\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {}, "published": "2021-02-05T07:40:00", "type": "thn", "title": "New Chrome Browser 0-day Under Active Attack\u2014Update Immediately!", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-21142", "CVE-2021-21148"], "modified": "2021-02-06T07:03:40", "id": "THN:2E0F12E8B4294632DF7D326E9360976B", "href": "https://thehackernews.com/2021/02/new-chrome-browser-0-day-under-active.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-03-16T05:26:08", "description": "[](<https://thehackernews.com/images/-tnjJ0FH8P0I/YEwt7ddHBcI/AAAAAAAACB8/2lR87aM5jBAUOKikDOdI3SWSC9ZG92FcgCLcBGAsYHQ/s0/chrome-browser-update.jpg>)\n\nGoogle has addressed yet another actively exploited zero-day in Chrome browser, marking the second such fix released by the company within a month.\n\nThe browser maker on Friday shipped 89.0.4389.90 for Windows, Mac, and Linux, which is expected to be rolling out over the coming days/weeks to all users.\n\nWhile the update contains a total of five security fixes, the most important flaw rectified by Google concerns a [use after free](<https://cwe.mitre.org/data/definitions/416.html>) vulnerability in its Blink rendering engine. The bug is tracked as CVE-2021-21193.\n\nDetails about the flaw are scarce except that it was reported to Google by an anonymous researcher on March 9.\n\nAccording to IBM, the vulnerability is rated 8.8 out of 10 on the CVSS scale, and could allow a remote attacker to execute arbitrary code on the target system. \"By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system,\" the report stated.\n\nAs is usually the case with actively exploited flaws, Google issued a terse statement acknowledging that an exploit for CVE-2021-21193 existed but refrained from sharing additional information until a majority of users are updated with the fixes and prevent other threat actors from creating exploits targeting this zero-day.\n\n[](<https://thehackernews.com/images/-4e8UqaJKLag/YEwrYTe6kaI/AAAAAAAACB0/A61b0Tzs5nIymspbYAAIoURKA3zV5lE2QCLcBGAsYHQ/s0/chrome-zero-day.jpg>)\n\n\"Google is aware of reports that an exploit for CVE-2021-21193 exists in the wild,\" Chrome Technical Program Manager Prudhvikumar Bommana [noted](<https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_12.html>) in a blog post.\n\nWith this update, Google has fixed three zero-day flaws in Chrome since the start of the year.\n\nEarlier this month, the company issued a fix for an \"object lifecycle issue in audio\" (CVE-2021-21166) which it said was being actively exploited. Then on February 4, the company resolved another actively-exploited heap buffer overflow flaw (CVE-2021-21148) in its V8 JavaScript rendering engine.\n\nChrome users can update to the latest version by heading to Settings > Help > About Google Chrome to mitigate the risk associated with the flaw.\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {}, "published": "2021-03-13T03:16:00", "type": "thn", "title": "Another Google Chrome 0-Day Bug Found Actively Exploited In-the-Wild", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-21148", "CVE-2021-21166", "CVE-2021-21193"], "modified": "2021-03-16T04:51:58", "id": "THN:15BF409706D7240A5276C705732D745F", "href": "https://thehackernews.com/2021/03/another-google-chrome-0-day-bug-found.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-04-14T10:27:41", "description": "[](<https://thehackernews.com/images/-9Ndx9Vcrx9E/YHaB5SvoxwI/AAAAAAAACRI/WgbWr7Dgj6sRKNuvNcO4lj-zwEO5CNQdwCLcBGAsYHQ/s0/chrome-zero-day.jpg>)\n\nGoogle on Tuesday released a new version of Chrome web-browsing software for Windows, Mac, and Linux with patches for two newly discovered security vulnerabilities for both of which it says exploits exist in the wild, allowing attackers to engage in active exploitation.\n\nOne of the two flaws concerns an insufficient validation of untrusted input in its V8 JavaScript rendering engine (CVE-2021-21220), which was demonstrated by Dataflow Security's Bruno Keith and Niklas Baumstark at the [Pwn2Own 2021](<https://thehackernews.com/2021/04/windows-ubuntu-zoom-safari-ms-exchange.html>) hacking contest last week.\n\n[](<https://go.thn.li/inside12> \"password auditor\" )\n\nWhile Google moved to fix the flaw quickly, security researcher Rajvardhan Agarwal published a [working exploit](<https://thehackernews.com/2021/04/rce-exploit-released-for-unpatched.html>) over the weekend by reverse-engineering the patch that the Chromium team pushed to the open-source component, a factor that may have played a crucial role in the release.\n\n**UPDATE:** _Agarwal, in an email to The Hacker News, confirmed that there's [one more vulnerability](<https://twitter.com/r4j0x00/status/1382125720344793090>) affecting Chromium-based browsers that has been patched in the latest version of V8, but has not been included in the Chrome release rolling out today, thereby leaving users potentially vulnerable to attacks even after installing the new update._\n\n\"Even though both the flaws are different in nature, they can be exploited to gain RCE in the renderer process,\" Agarwal told The Hacker News via email. \"I suspect that the first patch was released with the Chrome update because of the published exploit but as the second patch was not applied to Chrome, it can still be exploited.\"\n\nAlso resolved by the company is a [use-after-free](<https://cwe.mitre.org/data/definitions/416.html>) vulnerability in its Blink browser engine (CVE-2021-21206). An anonymous researcher has been credited with reporting the flaw on April 7.\n\n[](<https://thehackernews.com/images/-Co9nqKO9t2I/YHaAjushveI/AAAAAAAACRA/uFUYN6VpoCwJz2lCJEMBEGAwXowVZlR3wCLcBGAsYHQ/s0/chrome-hacking.jpg>)\n\n\"Google is aware of reports that exploits for CVE-2021-21206 and CVE-2021-21220 exist in the wild,\" Chrome Technical Program Manager Prudhvikumar Bommana [noted](<https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop.html>) in a blog post.\n\n[](<https://go.thn.li/inside23> \"password auditor\" )\n\nIt's worth noting that the existence of an exploit is not evidence of active exploitation by threat actors. Since the start of the year, Google has fixed three shortcomings in Chrome that have been under attack, including [CVE-2021-21148](<https://thehackernews.com/2021/02/new-chrome-browser-0-day-under-active.html>), [CVE-2021-21166](<https://thehackernews.com/2021/03/new-chrome-0-day-bug-under-active.html>), and [CVE-2021-21193](<https://thehackernews.com/2021/03/another-google-chrome-0-day-bug-found.html>).\n\nChrome 89.0.4389.128 is expected to roll out in the coming days. Users can update to the latest version by heading to Settings > Help > About Google Chrome to mitigate the risk associated with the flaws.\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {}, "published": "2021-04-14T05:48:00", "type": "thn", "title": "Update Your Chrome Browser to Patch 2 New In-the-Wild 0-Day Exploits", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-21148", "CVE-2021-21166", "CVE-2021-21193", "CVE-2021-21206", "CVE-2021-21220"], "modified": "2021-04-14T08:32:40", "id": "THN:F197A729A4F49F957F9D5910875EBAAA", "href": "https://thehackernews.com/2021/04/2-new-chrome-0-days-under-attack-update.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-06-10T10:29:53", "description": "[](<https://thehackernews.com/images/--v2cn8JGV00/YMGRd9cFvrI/AAAAAAAACz4/i5Stk6m4GEgwbul82T6lZeEbdMMNfofJQCLcBGAsYHQ/s0/chrome-zero-day-vulnerability.jpg>)\n\nAttention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update it immediately to the latest version Google released earlier today.\n\nThe internet services company has rolled out an urgent update to the browser to address 14 newly discovered security issues, including a zero-day flaw that it says is being actively exploited in the wild.\n\nTracked as [CVE-2021-30551](<https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html>), the vulnerability stems from a type confusion issue in its V8 open-source and JavaScript engine. Sergei Glazunov of Google Project Zero has been credited with discovering and reporting the flaw.\n\n[](<https://go.thn.li/s-header-300-4> \"Stack Overflow Teams\" )\n\nAlthough the search giant's Chrome team issued a terse statement acknowledging \"an exploit for CVE-2021-30551 exists in the wild,\" Shane Huntley, Director of Google's Threat Analysis Group, [hinted](<https://twitter.com/ShaneHuntley/status/1402712986289016835>) that the vulnerability was leveraged by the same actor that abused [CVE-2021-33742](<https://thehackernews.com/2021/06/update-your-windows-computers-to-patch.html>), an actively exploited remote code execution flaw in Windows MSHTML platform that was addressed by Microsoft as part of its Patch Tuesday update on June 8.\n\n[](<https://thehackernews.com/images/-XI4fkisfDp0/YMGPq0RtpKI/AAAAAAAACzw/d0mpshr20nw2j--sOXxBrrTJIj2IP95ewCLcBGAsYHQ/s0/chrome-zero-day.jpg>)\n\nThe two zero-days are said to have been provided by a commercial exploit broker to a nation-state actor, which used them in limited attacks against targets in Eastern Europe and the Middle East, Huntley said.\n\nMore technical details about the nature of the attacks are to be released in the coming weeks so as to allow a majority of the users to install the update and prevent other threat actors from creating exploits targeting the flaw.\n\n[](<https://go.thn.li/ransomware_728> \"Prevent Ransomware Attacks\" )\n\nWith the latest fix, Google has addressed a total of seven zero-days in Chrome since the start of the year \u2014\n\n * [**CVE-2021-21148**](<https://thehackernews.com/2021/02/new-chrome-browser-0-day-under-active.html>) \\- Heap buffer overflow in V8\n * [**CVE-2021-21166**](<https://thehackernews.com/2021/03/new-chrome-0-day-bug-under-active.html>) \\- Object recycle issue in audio\n * [**CVE-2021-21193**](<https://thehackernews.com/2021/03/another-google-chrome-0-day-bug-found.html>) \\- Use-after-free in Blink\n * [**CVE-2021-21206**](<https://thehackernews.com/2021/04/2-new-chrome-0-days-under-attack-update.html>) \\- Use-after-free in Blink\n * [**CVE-2021-21220**](<https://thehackernews.com/2021/04/2-new-chrome-0-days-under-attack-update.html>) \\- Insufficient validation of untrusted input in V8 for x86_64\n * [**CVE-2021-21224**](<https://thehackernews.com/2021/04/update-your-chrome-browser-immediately.html>) \\- Type confusion in V8\n\nChrome users can update to the latest version (91.0.4472.101) by heading to Settings > Help > About Google Chrome to mitigate the risk associated with the flaw.\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {}, "published": "2021-06-10T04:14:00", "type": "thn", "title": "New Chrome 0-Day Bug Under Active Attacks \u2013 Update Your Browser ASAP!", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-21148", "CVE-2021-21166", "CVE-2021-21193", "CVE-2021-21206", "CVE-2021-21220", "CVE-2021-21224", "CVE-2021-30551", "CVE-2021-33742"], "modified": "2021-06-10T10:25:50", "id": "THN:7D7C05739ECD847B8CDEEAF930C51BF8", "href": "https://thehackernews.com/2021/06/new-chrome-0-day-bug-under-active.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-16T06:39:03", "description": "[](<https://thehackernews.com/images/--Br-zb7NQb0/YPEUTqMvgsI/AAAAAAAADNw/cesEHjkHFKgyqC_MTP_ji5iUXUCeqoH1QCLcBGAsYHQ/s0/chrome-update.jpg>)\n\nGoogle has pushed out a new security update to Chrome browser for Windows, Mac, and Linux with multiple fixes, including a zero-day that it says is being exploited in the wild.\n\nThe latest patch resolves a total of eight issues, one of which concerns a type confusion issue in its V8 open-source and JavaScript engine ([CVE-2021-30563](<https://chromereleases.googleblog.com/2021/07/stable-channel-update-for-desktop.html>)). The search giant credited an anonymous researcher for reporting the flaw on July 12.\n\n[](<https://go.thn.li/1-free-300-7> \"Stack Overflow Teams\" )\n\nAs is usually the case with actively exploited flaws, the company issued a terse statement acknowledging that \"an exploit for CVE-2021-30563 exists in the wild\" while refraining from sharing full details about the underlying vulnerability used in the attacks due to its serious nature and the possibility that doing so could lead to further abuse.\n\nCVE-2021-30563 also marks the ninth zero-day addressed by Google to combat real-world attacks against Chrome users since the start of the year \u2014\n\n * [**CVE-2021-21148**](<https://thehackernews.com/2021/02/new-chrome-browser-0-day-under-active.html>) \\- Heap buffer overflow in V8\n * [**CVE-2021-21166**](<https://thehackernews.com/2021/03/new-chrome-0-day-bug-under-active.html>) \\- Object recycle issue in audio\n * [**CVE-2021-21193**](<https://thehackernews.com/2021/03/another-google-chrome-0-day-bug-found.html>) \\- Use-after-free in Blink\n * [**CVE-2021-21206**](<https://thehackernews.com/2021/04/2-new-chrome-0-days-under-attack-update.html>) \\- Use-after-free in Blink\n * [**CVE-2021-21220**](<https://thehackernews.com/2021/04/2-new-chrome-0-days-under-attack-update.html>) \\- Insufficient validation of untrusted input in V8 for x86_64\n * [**CVE-2021-21224**](<https://thehackernews.com/2021/04/update-your-chrome-browser-immediately.html>) \\- Type confusion in V8\n * [**CVE-2021-30551**](<https://thehackernews.com/2021/06/new-chrome-0-day-bug-under-active.html>) \\- Type confusion in V8\n * [**CVE-2021-30554**](<https://thehackernews.com/2021/06/update-your-chrome-browser-to-patch-yet.html>) \\- Use-after-free in WebGL\n\nChrome users are advised to update to the latest version (91.0.4472.164) by heading to Settings > Help > 'About Google Chrome' to mitigate the risk associated with the flaw.\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {}, "published": "2021-07-16T05:08:00", "type": "thn", "title": "Update Your Chrome Browser to Patch New Zero\u2011Day Bug Exploited in the Wild", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-21148", "CVE-2021-21166", "CVE-2021-21193", "CVE-2021-21206", "CVE-2021-21220", "CVE-2021-21224", "CVE-2021-30551", "CVE-2021-30554", "CVE-2021-30563"], "modified": "2021-07-16T05:08:47", "id": "THN:C736174C6B0ADC38AA88BC58F30271DA", "href": "https://thehackernews.com/2021/07/update-your-chrome-browser-to-patch-new.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-14T14:36:03", "description": "[](<https://thehackernews.com/images/-FOgCdN3CSOk/YUAgGS1bB1I/AAAAAAAADyc/2oKkq_Mon1AnpsrRVosSNgmXm6ZdbQTXACLcBGAsYHQ/s0/chrome-update.jpg>)\n\nGoogle on Monday released security updates for Chrome web browser to address a total of 11 security issues, two of which it says are actively exploited zero-days in the wild.\n\nTracked as **CVE-2021-30632** and **CVE-2021-30633**, the [vulnerabilities](<https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop.html>) concern an out of bounds write in V8 JavaScript engine and a use after free flaw in Indexed DB API respectively, with the internet giant crediting anonymous researchers for reporting the bugs on September 8.\n\nAs is typically the case, the company said it's \"aware that exploits for CVE-2021-30632 and CVE-2021-30633 exist in the wild\" without sharing additional specifics about how, when, and where the vulnerabilities were exploited, or the threat actors that may be abusing them.\n\nWith these two security shortcomings, Google has addressed a total of 11 zero-day vulnerabilities in Chrome since the start of the year \u2014\n\n * [**CVE-2021-21148**](<https://thehackernews.com/2021/02/new-chrome-browser-0-day-under-active.html>) \\- Heap buffer overflow in V8\n * [**CVE-2021-21166**](<https://thehackernews.com/2021/03/new-chrome-0-day-bug-under-active.html>) \\- Object recycle issue in audio\n * [**CVE-2021-21193**](<https://thehackernews.com/2021/03/another-google-chrome-0-day-bug-found.html>) \\- Use-after-free in Blink\n * [**CVE-2021-21206**](<https://thehackernews.com/2021/04/2-new-chrome-0-days-under-attack-update.html>) \\- Use-after-free in Blink\n * [**CVE-2021-21220**](<https://thehackernews.com/2021/04/2-new-chrome-0-days-under-attack-update.html>) \\- Insufficient validation of untrusted input in V8 for x86_64\n * [**CVE-2021-21224**](<https://thehackernews.com/2021/04/update-your-chrome-browser-immediately.html>) \\- Type confusion in V8\n * [**CVE-2021-30551**](<https://thehackernews.com/2021/06/new-chrome-0-day-bug-under-active.html>) \\- Type confusion in V8\n * [**CVE-2021-30554**](<https://thehackernews.com/2021/06/update-your-chrome-browser-to-patch-yet.html>) \\- Use-after-free in WebGL\n * [**CVE-2021-30563**](<https://thehackernews.com/2021/07/update-your-chrome-browser-to-patch-new.html>) \\- Type confusion in V8\n\nChrome users are advised to update to the latest version (93.0.4577.82) for Windows, Mac, and Linux by heading to Settings > Help > 'About Google Chrome' to mitigate the risk associated with the flaws.\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-14T04:08:00", "type": "thn", "title": "Update Google Chrome to Patch 2 New Zero-Day Flaws Under Attack", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21148", "CVE-2021-21166", "CVE-2021-21193", "CVE-2021-21206", "CVE-2021-21220", "CVE-2021-21224", "CVE-2021-30551", "CVE-2021-30554", "CVE-2021-30563", "CVE-2021-30632", "CVE-2021-30633"], "modified": "2021-09-14T13:13:32", "id": "THN:1A836FDDE57334BC4DAFA65E6DFA02E4", "href": "https://thehackernews.com/2021/09/update-google-chrome-to-patch-2-new.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "threatpost": [{"lastseen": "2021-02-05T15:56:30", "description": "Google is warning of a zero-day vulnerability in its V8 open-source web engine that\u2019s being actively exploited by attackers.\n\nA patch has been issued in version 88 of Google\u2019s Chrome browser \u2014 specifically, version 88.0.4324.150 for Windows, Mac and Linux. This update will roll out over the coming days and weeks, said Google. The flaw ([CVE-2021-21148](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21148>)) stems from a heap-buffer overflow, said Google.\n\n\u201cGoogle is aware of reports that an exploit for CVE-2021-21148 exists in the wild,\u201d according to [Google\u2019s Thursday security update](<https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.html>).\n\n## **What is a Heap-Buffer Overflow Security Flaw?**\n\nA heap-buffer overflow flaw as its name suggests, is a type of [buffer-overflow error.](<https://cwe.mitre.org/data/definitions/122.html>) This is a class of vulnerability where the region of a process\u2019 memory used to store dynamic variables (the heap) can be overwhelmed. If a buffer-overflow occurs, it typically causes the affected program to behave incorrectly, [according to researchers with Imperva](<https://www.imperva.com/learn/application-security/buffer-overflow/>) \u2013 causing memory access errors and crashes \u2014 and opening the door to remote code execution.\n\nHowever, beyond classifying the flaw as a heap-buffer overflow, Google did not specify the potential impact of this vulnerability. In fact, details of the bug overall (including how it can be exploited) remain scant while Google works to push out the fixes.\n\n\u201cAccess to bug details and links may be kept restricted until a majority of users are updated with a fix,\u201d said Google. \u201cWe will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven\u2019t yet fixed.\u201d\n\n## **What is the V8 JavaScript Engine?**\n\nThe heap-buffer overflow error exists in V8, an open-source WebAssembly and JavaScript engine developed by the Chromium Project for Google Chrome and Chromium web browsers. V8, which is written in C++, can run stand-alone, or can be embedded into any C++ application.\n\nBugs have previously been discovered (and exploited) in V8, including a flaw in November that was high-severity and tied to active exploits. That flaw [was only described as](<https://threatpost.com/chrome-holes-actively-targeted/160890/>) an \u201cinappropriate implementation in V8.\u201d** **\n\n## **Security Researchers: Targets for Chrome Zero-Day Exploits?**\n\nWhile Google didn\u2019t provide further details of the attackers exploiting the flaw, researchers with Malwarebytes on Friday made a \u201cgeneral assumption\u201d that the attack \u201cwas used against security researchers working on vulnerability research and development at different companies and organizations.\u201d\n\nThey pointed to the timing of when the vulnerability was reported to Google by Mattias Buelens (Jan. 24) and when a report released by Google\u2019s Threat Analysis Group (Jan. 26). That report [by Google researchers](<https://threatpost.com/north-korea-security-researchers-0-day/163333/>) revealed that hackers linked to [North Korea](<https://threatpost.com/north-korea-spy-reporters-feds-warn/160622/>) were targeting security researchers with an elaborate social-engineering campaign that set up trusted relationships with them \u2014 and then infected their organizations\u2019 systems with custom backdoor malware.\n\n\u201cOne of the methods the attackers used was to interact with the researchers and get them to follow a link on Twitter to a write-up hosted on a malicious website,\u201d said [researchers with Malwarebytes](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/02/update-now-chrome-patches-zero-day-that-was-exploited-in-the-wild/>). \u201cShortly after the visit, a malicious service was installed on the researcher\u2019s system and an in-memory backdoor would begin to communicate with a command and control (C&C) server. This sure sounds like something that could be accomplished using a heap buffer overflow in a browser.\u201d\n\nHowever, Google has not confirmed any correlation with this attack.\n\n## **Google Chrome Browser: How to Update**\n\nResearchers urge Google Chrome users to update as soon as possible. Chrome will in many cases update to its newest version automatically, however security experts suggest that users double check that this has happened. To check if an update is available:\n\n * Google Chrome users can go to chrome://settings/help by clicking Settings > About Chrome\n * If an update is available Chrome will notify users and then start the download process\n * Users can then relaunch the browser to complete the update\n\n## ** ****Google Chrome Cybersecurity Flaws Continue **\n\nThe flaw is only the latest security issue in Google Chrome in recent months. In January, the Cybersecurity and Infrastructure Security Agency (CISA) [urged Windows, macOS and Linux users](<https://threatpost.com/firefox-chrome-edge-bugs-system-hijacking/162873/>) of Google\u2019s Chrome browser to patch an out-of-bounds write bug (CVE-2020-15995) impacting the current 87.0.4280.141 version of the software.\n\nAnd in December, Google updated Chrome to fix four bugs with a severity rating of \u201chigh\u201d and eight overall. [Three were use-after-free flaws](<https://threatpost.com/google_chrome_bugs_patched/161907/>), which could allow an adversary to generate an error in the browser\u2019s memory, opening the door to a browser hack and host computer compromise.\n\n**Download our exclusive **[**FREE Threatpost Insider eBook**](<https://threatpost.com/ebooks/healthcare-security-woes-balloon-in-a-covid-era-world/?utm_source=FEATURE&utm_medium=FEATURE&utm_campaign=Nov_eBook>) _**Healthcare Security Woes Balloon in a Covid-Era World**_**, sponsored by ZeroNorth, to learn more about what these security risks mean for hospitals at the day-to-day level and how healthcare security teams can implement best practices to protect providers and patients. Get the whole story and **[**DOWNLOAD the eBook now**](<https://threatpost.com/ebooks/healthcare-security-woes-balloon-in-a-covid-era-world/?utm_source=ART&utm_medium=ART&utm_campaign=Nov_eBook>)** \u2013 on us!**\n\nWrite a comment\n\n**Share this article:**\n\n * [Hacks](<https://threatpost.com/category/hacks/>)\n * [Vulnerabilities](<https://threatpost.com/category/vulnerabilities/>)\n * [Web Security](<https://threatpost.com/category/web-security/>)\n", "cvss3": {}, "published": "2021-02-05T15:47:55", "type": "threatpost", "title": "Google Chrome Zero-Day Afflicts Windows, Mac Users", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2020-15995", "CVE-2021-21148"], "modified": "2021-02-05T15:47:55", "id": "THREATPOST:398E85215A3E7B7329EE3FED8F6374FF", "href": "https://threatpost.com/google-chrome-zero-day-windows-mac/163688/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-14T15:21:25", "description": "Google has addressed two zero-day security bugs that are being actively exploited in the wild.\n\nAs part of the internet giant\u2019s latest stable channel release (version 93.0.4577.82 for Windows, Mac and Linux), it fixed 11 total vulnerabilities, all of them rated high-severity. The two zero days are tracked as CVE-2021-30632 and CVE-2021-30633.\n\n\u201cGoogle is aware that exploits for [these] exist in the wild,\u201d the company said in its short website notice on the update, [issued Monday](<https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop.html>).\n\n[](<https://threatpost.com/infosec-insider-subscription-page/?utm_source=ART&utm_medium=ART&utm_campaign=InfosecInsiders_Newsletter_Promo/>)\n\nGoogle is restricting any technical details \u201cuntil a majority of users are updated with a fix,\u201d it said. The vulnerabilities were reported anonymously, precluding any gleaning of details from the researcher who found them. Here\u2019s what we know:\n\n * CVE-2021-30632: Out of bounds write in V8 JavaScript Engine; and\n * CVE-2021-30633: Use after free in the IndexedDB API.\n\nOut-of-bounds write flaws [can result in](<https://cwe.mitre.org/data/definitions/787.html>) corruption of data, a crash or code execution. Use-after-free issues [can result in](<https://cwe.mitre.org/data/definitions/416.html>) any number of attack types, ranging from the corruption of valid data to the execution of arbitrary code. Both bugs have TBD bug-bounty awards attached to them and were reported on Sept. 8.\n\nV8 is Google\u2019s open-source, high-performance JavaScript and WebAssembly engine for Chrome and Chromium-based browsers. It translates JavaScript code into a more efficient machine code instead of using an interpreter, which speeds up the web browser. Since this vulnerable components is not specific to Google Chrome, it\u2019s a good bet that other browsers are affected by the bug as well.\n\nIndexedDB, meanwhile, allows users to persistently store large amounts of structured data client-side, inside their browsers. The API is a JavaScript application programming interface provided by web browsers for managing these NoSQL databases. It\u2019s a standard maintained by the World Wide Web Consortium.\n\n\u201cBrowser bugs discovered from exploitation in the wild are among the most significant security threats,\u201d John Bambenek, principal threat hunter at Netenrich, said via email. \u201cNow that they are patched, exploitation will ramp up. That said, almost 20 years on and we haven\u2019t made web browsing safe shows that the rapid embrace of technology continues to leave users exposed to criminals and nation-state actors. Everyone wants to learn how to hack, too few people are working on defense.\u201d\n\nThe other nine bugs addressed by Google are as follows:\n\n * CVE-2021-30625: Use after free in Selection API. _Reported by Marcin Towalski of Cisco Talos on 2021-08-06_\n * CVE-2021-30626: Out of bounds memory access in ANGLE. _Reported by Jeonghoon Shin of Theori on 2021-08-18_\n * CVE-2021-30627: Type Confusion in Blink layout. _Reported by Aki Helin of OUSPG on 2021-09-01_\n * CVE-2021-30628: Stack buffer overflow in ANGLE. _Reported by Jaehun Jeong(@n3sk) of Theori on 2021-08-18_\n * CVE-2021-30629: Use after free in Permissions. _Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi\u2019anxin Group on 2021-08-26_\n * CVE-2021-30630: Inappropriate implementation in Blink. _Reported by SorryMybad (@S0rryMybad) of Kunlun Lab on 2021-08-30_\n * CVE-2021-30631: Type Confusion in Blink layout. _Reported by Atte Kettunen of OUSPG on 2021-09-06_\n\nKevin Dunne, president at Pathlock, pointed out that Google has patched plenty of zero-days already this year \u2013 eight prior to the latest two, to be exact \u2013 and he said to expect more.\n\n## **10th Zero-Day in 2021 for Google**\n\n\u201cToday, Google released a patch for its tenth [and ninth] zero-day exploit of the year,\u201d Dunne said in an email to media. \u201cThis milestone highlights the emphasis that bad actors are putting on browser exploits, with Chrome becoming a clear favorite, allowing a streamlined way to gain access to millions of devices regardless of OS.\n\n\u201cWe expect to see continued zero-day exploits in the wild,\u201d he added.\n\nThe other zero days discovered so far in 2021 are as follows, many of them in the V8 engine:\n\n * [CVE-2021-21148](<https://threatpost.com/google-chrome-zero-day-windows-mac/163688/>) \u2013 (February)\n * [CVE-2021-21166](<https://threatpost.com/google-patches-actively-exploited-flaw-in-chrome-browser/164468/>) \u2013 (March)\n * [CVE-2021-21193](<https://threatpost.com/google-mac-windows-chrome-zero-day/164759/>) \u2013 (March)\n * [CVE-2021-21220](<https://threatpost.com/chrome-zero-day-exploit-twitter/165363/>) \u2013 (April)\n * [CVE-2021-21224](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21224>) \u2013 (April, later [used in Windows attacks](<https://threatpost.com/microsoft-patch-tuesday-in-the-wild-exploits/166724/>))\n * [CVE-2021-30551](<https://threatpost.com/chrome-browser-bug-under-attack/166804/>) \u2013 (June)\n * [CVE-2021-30554](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30554>) \u2013 (June)\n * [CVE-2021-30563](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30563>) \u2013 (July)\n\n\u201cGoogle\u2019s commitment to patching these exploits quickly is commendable, as they operate Google Chrome as freeware and therefore are the sole entity who can provide these updates,\u201d Dunne wrote. \u201cGoogle is committed to providing Chrome as a free browser, as it is a critical entry point for other businesses such as Google Search and Google Workspace.\u201d\n\nThe news comes as Apple [rushed a fix](<https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/>) for a zero-click zero-day exploit targeting iMessaging. It\u2019s allegedly been used to illegally spy on Bahraini activists with NSO Group\u2019s Pegasus spyware, according to researchers.\n\nMicrosoft is also expected to release its monthly Patch Tuesday set of updates today, so we\u2019ll see if there are yet more zero-day exploits to worry about.\n\n**It\u2019s time to evolve threat hunting into a pursuit of adversaries. **[**JOIN**](<https://threatpost.com/webinars/threat-hunting-catch-adversaries/?utm_source=ART&utm_medium=ART&utm_campaign=September_Cybersixgill_Webinar>)** Threatpost and Cybersixgill for **[**Threat Hunting to Catch Adversaries, Not Just Stop Attacks**](<https://threatpost.com/webinars/threat-hunting-catch-adversaries/?utm_source=ART&utm_medium=ART&utm_campaign=September_Cybersixgill_Webinar>)** and get a guided tour of the dark web and learn how to track threat actors before their next attack. **[**REGISTER NOW**](<https://threatpost.com/webinars/threat-hunting-catch-adversaries/?utm_source=ART&utm_medium=ART&utm_campaign=September_Cybersixgill_Webinar>)** for the LIVE discussion on Sept. 22 at 2 p.m. EST with Cybersixgill\u2019s Sumukh Tendulkar and Edan Cohen, along with independent researcher and vCISO Chris Roberts and Threatpost host Becky Bracken.**\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-14T15:03:41", "type": "threatpost", "title": "Pair of Google Chrome Zero-Day Bugs Actively Exploited", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21148", "CVE-2021-21166", "CVE-2021-21193", "CVE-2021-21220", "CVE-2021-21224", "CVE-2021-30551", "CVE-2021-30554", "CVE-2021-30563", "CVE-2021-30625", "CVE-2021-30626", "CVE-2021-30627", "CVE-2021-30628", "CVE-2021-30629", "CVE-2021-30630", "CVE-2021-30631", "CVE-2021-30632", "CVE-2021-30633"], "modified": "2021-09-14T15:03:41", "id": "THREATPOST:88DD5812D3C8652E304F32507E4F68DD", "href": "https://threatpost.com/google-chrome-zero-day-exploited/169442/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "krebs": [{"lastseen": "2021-02-10T00:29:38", "description": "**Microsoft** today rolled out updates to plug at least 56 security holes in its **Windows** operating systems and other software. One of the bugs is already being actively exploited, and six of them were publicized prior to today, potentially giving attackers a head start in figuring out how to exploit the flaws.\n\n\n\nNine of the 56 vulnerabilities earned Microsoft's most urgent "critical" rating, meaning malware or miscreants could use them to seize remote control over unpatched systems with little or no help from users.\n\nThe flaw being exploited in the wild already -- [CVE-2021-1732](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1732>) -- affects Windows 10, Server 2016 and later editions. It received a slightly less dire "important" rating and mainly because it is a vulnerability that lets an attacker increase their authority and control on a device, which means the attacker needs to already have access to the target system.\n\nTwo of the other bugs that were disclosed prior to this week are critical and reside in **Microsoft's .NET Framework**, a component required by many third-party applications (most Windows users will have some version of .NET installed).\n\nWindows 10 users should note that while the operating system installs all monthly patch roll-ups in one go, that rollup does not typically include .NET updates, which are installed on their own. So when you've backed up your system and installed this month's patches, you may want to check Windows Update again to see if there are any .NET updates pending.\n\nA key concern for enterprises is another critical bug in the DNS server on Windows Server 2008 through 2019 versions that could be used to remotely install software of the attacker's choice. [CVE-2021-24078](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-24078>) earned [a CVSS Score](<https://nvd.nist.gov/vuln-metrics/cvss>) of 9.8, which is about as dangerous as they come.\n\n**Recorded Future** says this vulnerability can be exploited remotely by getting a vulnerable DNS server to query for a domain it has not seen before (e.g. by sending a phishing email with a link to a new domain or even with images embedded that call out to a new domain). **Kevin Breen** of **Immersive Labs** notes that CVE-2021-24078 could let an attacker steal loads of data by altering the destination for an organization's web traffic -- such as pointing internal appliances or Outlook email access at a malicious server.\n\nWindows Server users also should be aware that Microsoft this month is enforcing the second round of security improvements as part of a two-phase update to address [CVE-2020-1472](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-1472>), a severe vulnerability that [first saw active exploitation back in September 2020](<https://krebsonsecurity.com/2020/09/microsoft-attackers-exploiting-zerologon-windows-flaw/>).\n\nThe vulnerability, dubbed "**Zerologon**," is a bug in the core "**Netlogon**" component of Windows Server devices. The flaw lets an unauthenticated attacker gain administrative access to a Windows domain controller and run any application at will. A domain controller is a server that responds to security authentication requests in a Windows environment, and a compromised domain controller can give attackers the keys to the kingdom inside a corporate network.\n\nMicrosoft's [initial patch for CVE-2020-1472](<https://krebsonsecurity.com/2020/08/microsoft-patch-tuesday-august-2020-edition/>) fixed the flaw on Windows Server systems, but did nothing to stop unsupported or third-party devices from talking to domain controllers using the insecure Netlogon communications method. Microsoft said it chose this two-step approach "to ensure vendors of non-compliant implementations can provide customers with updates." With this month's patches, Microsoft will begin rejecting insecure Netlogon attempts from non-Windows devices.\n\nA couple of other, non-Windows security updates are worth mentioning. Adobe today [released updates to fix at least 50 security holes in a range of products](<https://blogs.adobe.com/psirt/?p=1965>), including Photoshop and Reader. The Acrobat/Reader update tackles a critical zero-day flaw that [Adobe says](<https://helpx.adobe.com/security/products/acrobat/apsb21-09.html>) is actively being exploited in the wild against Windows users, so if you have Adobe Acrobat or Reader installed, please make sure these programs are kept up to date.\n\nThere is also a zero-day flaw in **Google's Chrome Web browser** (CVE-2021-21148) that is seeing active attacks. Chrome downloads security updates automatically, but users still need to restart the browser for the updates to fully take effect. If you're a Chrome user and notice a red "update" prompt to the right of the address bar, it's time to save your work and restart the browser.\n\nStandard reminder: While staying up-to-date on Windows patches is a must, it\u2019s important to make sure you\u2019re updating only after you\u2019ve backed up your important data and files. A reliable backup means you\u2019re less likely to pull your hair out when the odd buggy patch causes problems booting the system.\n\nSo do yourself a favor and backup your files before installing any patches. Windows 10 even has [some built-in tools](<https://lifehacker.com/how-to-back-up-your-computer-automatically-with-windows-1762867473>) to help you do that, either on a per-file/folder basis or by making a complete and bootable copy of your hard drive all at once.\n\nKeep in mind that Windows 10 by default will automatically download and install updates on its own schedule. If you wish to ensure Windows has been set to pause updating so you can back up your files and/or system before the operating system decides to reboot and install patches, [see this guide](<https://www.computerworld.com/article/3543189/check-to-make-sure-you-have-windows-updates-paused.html>).\n\nAnd as always, if you experience glitches or problems installing any of these patches this month, please consider leaving a comment about it below; there\u2019s a better-than-even chance other readers have experienced the same and may chime in here with some helpful tips.", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-02-09T22:37:19", "type": "krebs", "title": "Microsoft Patch Tuesday, February 2021 Edition", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1472", "CVE-2021-1732", "CVE-2021-21148", "CVE-2021-24078"], "modified": "2021-02-09T22:37:19", "id": "KREBS:1BEFD58F5124A2E4CA40BD9C1B49B9B7", "href": "https://krebsonsecurity.com/2021/02/microsoft-patch-tuesday-february-2021-edition/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2021-07-28T14:46:52", "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-02-10T01:20:58", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: chromium-88.0.4324.150-1.fc33", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21142", "CVE-2021-21143", "CVE-2021-21144", "CVE-2021-21145", "CVE-2021-21146", "CVE-2021-21147", "CVE-2021-21148"], "modified": "2021-02-10T01:20:58", "id": "FEDORA:BB03930B3A56", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:52", "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-02-17T05:09:44", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: chromium-88.0.4324.150-1.fc32", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21142", "CVE-2021-21143", "CVE-2021-21144", "CVE-2021-21145", "CVE-2021-21146", "CVE-2021-21147", "CVE-2021-21148"], "modified": "2021-02-17T05:09:44", "id": "FEDORA:4E16930B130B", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "archlinux": [{"lastseen": "2021-07-28T14:33:55", "description": "Arch Linux Security Advisory ASA-202102-6\n=========================================\n\nSeverity: Critical\nDate : 2021-02-06\nCVE-ID : CVE-2021-21142 CVE-2021-21143 CVE-2021-21144 CVE-2021-21145\nCVE-2021-21146 CVE-2021-21147 CVE-2021-21148\nPackage : chromium\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-1525\n\nSummary\n=======\n\nThe package chromium before version 88.0.4324.150-1 is vulnerable to\nmultiple issues including arbitrary code execution and incorrect\ncalculation.\n\nResolution\n==========\n\nUpgrade to 88.0.4324.150-1.\n\n# pacman -Syu \"chromium>=88.0.4324.150-1\"\n\nThe problems have been fixed upstream in version 88.0.4324.150.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2021-21142 (arbitrary code execution)\n\nA use after free security issue was found in the Payments component of\nthe Chromium browser before version 88.0.4324.146.\n\n- CVE-2021-21143 (arbitrary code execution)\n\nA heap buffer overflow security issue was found in the Extensions\ncomponent of the Chromium browser before version 88.0.4324.146.\n\n- CVE-2021-21144 (arbitrary code execution)\n\nA heap buffer overflow security issue was found in the Tab Groups\ncomponent of the Chromium browser before version 88.0.4324.146.\n\n- CVE-2021-21145 (arbitrary code execution)\n\nA use after free security issue was found in the Fonts component of the\nChromium browser before version 88.0.4324.146.\n\n- CVE-2021-21146 (arbitrary code execution)\n\nA use after free security issue was found in the Navigation component\nof the Chromium browser before version 88.0.4324.146.\n\n- CVE-2021-21147 (incorrect calculation)\n\nAn inappropriate implementation security issue was found in the Skia\ncomponent of the Chromium browser before version 88.0.4324.146.\n\n- CVE-2021-21148 (arbitrary code execution)\n\nA heap buffer overflow security issue was found in the V8 component of\nthe Chromium browser before version 88.0.4324.150.\n\nImpact\n======\n\nA remote attacker might be able to bypass security measures or execute\narbitrary code.\n\nReferences\n==========\n\nhttps://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop.html\nhttps://crbug.com/1169317\nhttps://crbug.com/1163504\nhttps://crbug.com/1163845\nhttps://crbug.com/1154965\nhttps://crbug.com/1161705\nhttps://crbug.com/1162942\nhttps://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.html\nhttps://crbug.com/1170176\nhttps://security.archlinux.org/CVE-2021-21142\nhttps://security.archlinux.org/CVE-2021-21143\nhttps://security.archlinux.org/CVE-2021-21144\nhttps://security.archlinux.org/CVE-2021-21145\nhttps://security.archlinux.org/CVE-2021-21146\nhttps://security.archlinux.org/CVE-2021-21147\nhttps://security.archlinux.org/CVE-2021-21148", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-02-06T00:00:00", "type": "archlinux", "title": "[ASA-202102-6] chromium: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21142", "CVE-2021-21143", "CVE-2021-21144", "CVE-2021-21145", "CVE-2021-21146", "CVE-2021-21147", "CVE-2021-21148"], "modified": "2021-02-06T00:00:00", "id": "ASA-202102-6", "href": "https://security.archlinux.org/ASA-202102-6", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T16:33:56", "description": "Arch Linux Security Advisory ASA-202102-4\n=========================================\n\nSeverity: Critical\nDate : 2021-02-06\nCVE-ID : CVE-2020-16044 CVE-2021-21117 CVE-2021-21118 CVE-2021-21119\nCVE-2021-21120 CVE-2021-21121 CVE-2021-21122 CVE-2021-21123\nCVE-2021-21124 CVE-2021-21125 CVE-2021-21126 CVE-2021-21127\nCVE-2021-21128 CVE-2021-21129 CVE-2021-21130 CVE-2021-21131\nCVE-2021-21132 CVE-2021-21133 CVE-2021-21134 CVE-2021-21135\nCVE-2021-21136 CVE-2021-21137 CVE-2021-21138 CVE-2021-21139\nCVE-2021-21140 CVE-2021-21141 CVE-2021-21142 CVE-2021-21143\nCVE-2021-21144 CVE-2021-21145 CVE-2021-21146 CVE-2021-21147\nCVE-2021-21148\nPackage : vivaldi\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-1478\n\nSummary\n=======\n\nThe package vivaldi before version 3.6.2165.36-1 is vulnerable to\nmultiple issues including arbitrary code execution, insufficient\nvalidation, content spoofing and incorrect calculation.\n\nResolution\n==========\n\nUpgrade to 3.6.2165.36-1.\n\n# pacman -Syu \"vivaldi>=3.6.2165.36-1\"\n\nThe problems have been fixed upstream in version 3.6.2165.36.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2020-16044 (arbitrary code execution)\n\nA security issue was found in Firefox before 84.0.2, Thunderbird before\n78.6.1 and Chromium before 88.0.4324.96. A malicious peer could have\nmodified a COOKIE-ECHO chunk in an SCTP packet in a way that\npotentially resulted in a use-after-free. Mozilla presumes that with\nenough effort it could have been exploited to run arbitrary code.\n\n- CVE-2021-21117 (insufficient validation)\n\nAn insufficient policy enforcement security issue was found in the\nCryptohome component of the Chromium browser before version\n88.0.4324.96.\n\n- CVE-2021-21118 (insufficient validation)\n\nAn insufficient data validation security issue was found in the V8\ncomponent of the Chromium browser before version 88.0.4324.96.\n\n- CVE-2021-21119 (arbitrary code execution)\n\nA use after free security issue was found in the Media component of the\nChromium browser before version 88.0.4324.96.\n\n- CVE-2021-21120 (arbitrary code execution)\n\nA use after free security issue was found in the WebSQL component of\nthe Chromium browser before version 88.0.4324.96.\n\n- CVE-2021-21121 (arbitrary code execution)\n\nA use after free security issue was found in the Omnibox component of\nthe Chromium browser before version 88.0.4324.96.\n\n- CVE-2021-21122 (arbitrary code execution)\n\nA use after free security issue was found in the Blink component of the\nChromium browser before version 88.0.4324.96.\n\n- CVE-2021-21123 (insufficient validation)\n\nAn insufficient data validation security issue was found in the File\nSystem component of the Chromium browser before version 88.0.4324.96.\n\n- CVE-2021-21124 (arbitrary code execution)\n\nA potential use after free security issue was found in the Speech\nRecognizer component of the Chromium browser before version\n88.0.4324.96.\n\n- CVE-2021-21125 (insufficient validation)\n\nAn insufficient policy enforcement security issue was found in the File\nSystem API component of the Chromium browser before version\n88.0.4324.96.\n\n- CVE-2021-21126 (insufficient validation)\n\nAn insufficient policy enforcement security issue was found in the\nextensions component of the Chromium browser before version\n88.0.4324.96.\n\n- CVE-2021-21127 (insufficient validation)\n\nAn insufficient policy enforcement security issue was found in the\nextensions component of the Chromium browser before version\n88.0.4324.96.\n\n- CVE-2021-21128 (arbitrary code execution)\n\nA heap buffer overflow security issue was found in the Blink component\nof the Chromium browser before version 88.0.4324.96.\n\n- CVE-2021-21129 (insufficient validation)\n\nAn insufficient policy enforcement security issue was found in the File\nSystem API component of the Chromium browser before version\n88.0.4324.96.\n\n- CVE-2021-21130 (insufficient validation)\n\nAn insufficient policy enforcement security issue was found in the File\nSystem API component of the Chromium browser before version\n88.0.4324.96.\n\n- CVE-2021-21131 (insufficient validation)\n\nAn insufficient policy enforcement security issue was found in the File\nSystem API component of the Chromium browser before version\n88.0.4324.96.\n\n- CVE-2021-21132 (incorrect calculation)\n\nAn inappropriate implementation security issue was found in the\nDevTools component of the Chromium browser before version 88.0.4324.96.\n\n- CVE-2021-21133 (insufficient validation)\n\nAn insufficient policy enforcement security issue was found in the\nDownloads component of the Chromium browser before version\n88.0.4324.96.\n\n- CVE-2021-21134 (content spoofing)\n\nAn incorrect security UI security issue was found in the Page Info\ncomponent of the Chromium browser before version 88.0.4324.96.\n\n- CVE-2021-21135 (incorrect calculation)\n\nAn inappropriate implementation security issue was found in the\nPerformance API component of the Chromium browser before version\n88.0.4324.96.\n\n- CVE-2021-21136 (insufficient validation)\n\nAn insufficient policy enforcement security issue was found in the\nWebView component of the Chromium browser before version 88.0.4324.96.\n\n- CVE-2021-21137 (incorrect calculation)\n\nAn inappropriate implementation security issue was found in the\nDevTools component of the Chromium browser before version 88.0.4324.96.\n\n- CVE-2021-21138 (arbitrary code execution)\n\nA use after free security issue was found in the DevTools component of\nthe Chromium browser before version 88.0.4324.96.\n\n- CVE-2021-21139 (incorrect calculation)\n\nAn inappropriate implementation security issue was found in the iframe\nsandbox component of the Chromium browser before version 88.0.4324.96.\n\n- CVE-2021-21140 (arbitrary code execution)\n\nAn uninitialized use security issue was found in the USB component of\nthe Chromium browser before version 88.0.4324.96.\n\n- CVE-2021-21141 (insufficient validation)\n\nAn insufficient policy enforcement security issue was found in the File\nSystem API component of the Chromium browser before version\n88.0.4324.96.\n\n- CVE-2021-21142 (arbitrary code execution)\n\nA use after free security issue was found in the Payments component of\nthe Chromium browser before version 88.0.4324.146.\n\n- CVE-2021-21143 (arbitrary code execution)\n\nA heap buffer overflow security issue was found in the Extensions\ncomponent of the Chromium browser before version 88.0.4324.146.\n\n- CVE-2021-21144 (arbitrary code execution)\n\nA heap buffer overflow security issue was found in the Tab Groups\ncomponent of the Chromium browser before version 88.0.4324.146.\n\n- CVE-2021-21145 (arbitrary code execution)\n\nA use after free security issue was found in the Fonts component of the\nChromium browser before version 88.0.4324.146.\n\n- CVE-2021-21146 (arbitrary code execution)\n\nA use after free security issue was found in the Navigation component\nof the Chromium browser before version 88.0.4324.146.\n\n- CVE-2021-21147 (incorrect calculation)\n\nAn inappropriate implementation security issue was found in the Skia\ncomponent of the Chromium browser before version 88.0.4324.146.\n\n- CVE-2021-21148 (arbitrary code execution)\n\nA heap buffer overflow security issue was found in the V8 component of\nthe Chromium browser before version 88.0.4324.150.\n\nImpact\n======\n\nA remote attacker might be able to bypass security measures, trick the\nuser into performing unwanted actions or execute arbitrary code.\n\nReferences\n==========\n\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2021-01/#CVE-2020-16044\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1683964\nhttps://hg.mozilla.org/mozilla-central/rev/08ba03dc8d4420e04e7c77fee3013e68180e6ead\nhttps://hg.mozilla.org/mozilla-central/rev/8c09f4813fc7e8f44605b6092262199bff15cdd7\nhttps://hg.mozilla.org/mozilla-central/rev/5991645a87d2abf289686d09d943229c9e3e54b5\nhttps://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html\nhttps://crbug.com/1137179\nhttps://crbug.com/1161357\nhttps://crbug.com/1160534\nhttps://crbug.com/1160602\nhttps://crbug.com/1161143\nhttps://crbug.com/1162131\nhttps://crbug.com/1137247\nhttps://crbug.com/1131346\nhttps://crbug.com/1152327\nhttps://crbug.com/1108126\nhttps://crbug.com/1115590\nhttps://crbug.com/1138877\nhttps://crbug.com/1140403\nhttps://crbug.com/1140410\nhttps://crbug.com/1140417\nhttps://crbug.com/1128206\nhttps://crbug.com/1157743\nhttps://crbug.com/1157800\nhttps://crbug.com/1157818\nhttps://crbug.com/1038002\nhttps://crbug.com/1093791\nhttps://crbug.com/1122487\nhttps://crbug.com/937131\nhttps://crbug.com/1136327\nhttps://crbug.com/1140435\nhttps://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop.html\nhttps://crbug.com/1169317\nhttps://crbug.com/1163504\nhttps://crbug.com/1163845\nhttps://crbug.com/1154965\nhttps://crbug.com/1161705\nhttps://crbug.com/1162942\nhttps://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.html\nhttps://crbug.com/1170176\nhttps://security.archlinux.org/CVE-2020-16044\nhttps://security.archlinux.org/CVE-2021-21117\nhttps://security.archlinux.org/CVE-2021-21118\nhttps://security.archlinux.org/CVE-2021-21119\nhttps://security.archlinux.org/CVE-2021-21120\nhttps://security.archlinux.org/CVE-2021-21121\nhttps://security.archlinux.org/CVE-2021-21122\nhttps://security.archlinux.org/CVE-2021-21123\nhttps://security.archlinux.org/CVE-2021-21124\nhttps://security.archlinux.org/CVE-2021-21125\nhttps://security.archlinux.org/CVE-2021-21126\nhttps://security.archlinux.org/CVE-2021-21127\nhttps://security.archlinux.org/CVE-2021-21128\nhttps://security.archlinux.org/CVE-2021-21129\nhttps://security.archlinux.org/CVE-2021-21130\nhttps://security.archlinux.org/CVE-2021-21131\nhttps://security.archlinux.org/CVE-2021-21132\nhttps://security.archlinux.org/CVE-2021-21133\nhttps://security.archlinux.org/CVE-2021-21134\nhttps://security.archlinux.org/CVE-2021-21135\nhttps://security.archlinux.org/CVE-2021-21136\nhttps://security.archlinux.org/CVE-2021-21137\nhttps://security.archlinux.org/CVE-2021-21138\nhttps://security.archlinux.org/CVE-2021-21139\nhttps://security.archlinux.org/CVE-2021-21140\nhttps://security.archlinux.org/CVE-2021-21141\nhttps://security.archlinux.org/CVE-2021-21142\nhttps://security.archlinux.org/CVE-2021-21143\nhttps://security.archlinux.org/CVE-2021-21144\nhttps://security.archlinux.org/CVE-2021-21145\nhttps://security.archlinux.org/CVE-2021-21146\nhttps://security.archlinux.org/CVE-2021-21147\nhttps://security.archlinux.org/CVE-2021-21148", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-02-06T00:00:00", "type": "archlinux", "title": "[ASA-202102-4] vivaldi: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16044", "CVE-2021-21117", "CVE-2021-21118", "CVE-2021-21119", "CVE-2021-21120", "CVE-2021-21121", "CVE-2021-21122", "CVE-2021-21123", "CVE-2021-21124", "CVE-2021-21125", "CVE-2021-21126", "CVE-2021-21127", "CVE-2021-21128", "CVE-2021-21129", "CVE-2021-21130", "CVE-2021-21131", "CVE-2021-21132", "CVE-2021-21133", "CVE-2021-21134", "CVE-2021-21135", "CVE-2021-21136", "CVE-2021-21137", "CVE-2021-21138", "CVE-2021-21139", "CVE-2021-21140", "CVE-2021-21141", "CVE-2021-21142", "CVE-2021-21143", "CVE-2021-21144", "CVE-2021-21145", "CVE-2021-21146", "CVE-2021-21147", "CVE-2021-21148"], "modified": "2021-02-06T00:00:00", "id": "ASA-202102-4", "href": "https://security.archlinux.org/ASA-202102-4", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2021-08-29T22:24:30", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4858-1 security@debian.org\nhttps://www.debian.org/security/ Michael Gilbert\nFebruary 19, 2021 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium\nCVE ID : CVE-2021-21148 CVE-2021-21149 CVE-2021-21150 CVE-2021-21151\n CVE-2021-21152 CVE-2021-21153 CVE-2021-21154 CVE-2021-21155\n CVE-2021-21156 CVE-2021-21157\n\nSeveral vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2021-21148\n\n Mattias Buelens discovered a buffer overflow issue in the v8 javascript\n library.\n\nCVE-2021-21149\n\n Ryoya Tsukasaki discovered a stack overflow issue in the Data Transfer\n implementation.\n\nCVE-2021-21150\n\n Woojin Oh discovered a use-after-free issue in the file downloader.\n\nCVE-2021-21151\n\n Khalil Zhani discovered a use-after-free issue in the payments system.\n\nCVE-2021-21152\n\n A buffer overflow was discovered in media handling.\n\nCVE-2021-21153\n\n Jan Ruge discovered a stack overflow issue in the GPU process.\n\nCVE-2021-21154\n\n Abdulrahman Alqabandi discovered a buffer overflow issue in the Tab Strip\n implementation.\n\nCVE-2021-21155\n\n Khalil Zhani discovered a buffer overflow issue in the Tab Strip\n implementation.\n\nCVE-2021-21156\n\n Sergei Glazunov discovered a buffer overflow issue in the v8 javascript\n library.\n\nCVE-2021-21157\n\n A use-after-free issue was discovered in the Web Sockets implementation.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 88.0.4324.182-1~deb10u1.\n\nWe recommend that you upgrade your chromium packages.\n\nFor the detailed security status of chromium please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/chromium\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 8, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-02-20T02:30:21", "title": "[SECURITY] [DSA 4858-1] chromium security update", "type": "debian", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21148", "CVE-2021-21151", "CVE-2021-21156", "CVE-2021-21155", "CVE-2021-21150", "CVE-2021-21152", "CVE-2021-21154", "CVE-2021-21149", "CVE-2021-21153", "CVE-2021-21157"], "modified": "2021-02-20T02:30:21", "id": "DEBIAN:DSA-4858-1:7131E", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2021/msg00039.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "securelist": [{"lastseen": "2021-05-31T11:03:47", "description": "\n\n_These statistics are based on detection verdicts of Kaspersky products received from users who consented to provide statistical data._\n\n## Quarterly figures\n\nAccording to Kaspersky Security Network, in Q1 2021:\n\n * Kaspersky solutions blocked 2,023,556,082 attacks launched from online resources across the globe.\n * 613,968,631 unique URLs were recognized as malicious by Web Anti-Virus components.\n * Attempts to run malware designed to steal money via online access to bank accounts were stopped on the computers of 118,099 users.\n * Ransomware attacks were defeated on the computers of 91,841 unique users.\n * Our File Anti-Virus detected 77,415,192 unique malicious and potentially unwanted objects.\n\n## Financial threats\n\n### Financial threat statistics\n\nAt the end of last year, the number of users attacked by malware designed to steal money from bank accounts gradually decreased, a trend that continued in Q1 2021. This quarter, in total, Kaspersky solutions blocked the malware of such type on the computers of 118,099 unique users.\n\n_Number of unique users attacked by financial malware, Q1 2021 ([download](<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/05/24110545/01-en-malware-report-q1-2021-pc.png>))_\n\n**Attack geography**\n\n_To evaluate and compare the risk of being infected by banking Trojans and ATM/POS malware worldwide, for each country we calculated the share of users of Kaspersky products who faced this threat during the reporting period as a percentage of all users of our products in that country._\n\n_Geography of financial malware attacks, Q1 2021 ([download](<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/05/24110629/02-en-malware-report-q1-2021-pc.png>))_\n\n**Top 10 countries by share of attacked users**\n\n| **Country*** | **%**** \n---|---|--- \n1 | Turkmenistan | 6.3 \n2 | Tajikistan | 5.3 \n3 | Afghanistan | 4.8 \n4 | Uzbekistan | 4.6 \n5 | Paraguay | 3.2 \n6 | Yemen | 2.1 \n7 | Costa Rica | 2.0 \n8 | Sudan | 2.0 \n9 | Syria | 1.5 \n10 | Venezuela | 1.4 \n \n_* Excluded are countries with relatively few Kaspersky product users (under 10,000). \n** Unique users whose computers were targeted by financial malware as a percentage of all unique users of Kaspersky products in the country._\n\nAs before, the most widespread family of bankers in Q1 was ZeuS/Zbot (30.8%). Second place was taken by the CliptoShuffler family (15.9%), and third by Trickster (7.5%). All in all, more than half of all attacked users encountered these families. The notorious banking Trojan Emotet (7.4%) was deprived of its infrastructure this quarter as a result of a [joint operation](<https://www.europol.europa.eu/newsroom/news/world's-most-dangerous-malware-emotet-disrupted-through-global-action>) by Europol, the FBI and other law enforcement agencies, and its share predictably collapsed.\n\n**Top 10 banking malware families**\n\n| Name | Verdicts | %* \n---|---|---|--- \n1 | Zbot | Trojan.Win32.Zbot | 30.8 \n2 | CliptoShuffler | Trojan-Banker.Win32.CliptoShuffler | 15.9 \n3 | Trickster | Trojan.Win32.Trickster | 7.5 \n4 | Emotet | Backdoor.Win32.Emotet | 7.4 \n5 | RTM | Trojan-Banker.Win32.RTM | 6.6 \n6 | Nimnul | Virus.Win32.Nimnul | 5.1 \n7 | Nymaim | Trojan.Win32.Nymaim | 4.7 \n8 | SpyEye | Trojan-Spy.Win32.SpyEye | 3.8 \n9 | Danabot | Trojan-Banker.Win32.Danabot | 2.9 \n10 | Neurevt | Trojan.Win32.Neurevt | 2.2 \n \n_** Unique users who encountered this malware family as a percentage of all users attacked by financial malware._\n\n## Ransomware programs\n\n### Quarterly trends and highlights\n\n**New additions to the ransomware arsenal**\n\nLast year, the SunCrypt and RagnarLocker ransomware groups adopted new scare tactics. If the victim organization is slow to pay up, even though its files are encrypted and some of its confidential data has been stolen, the attackers additionally threaten to carry out a DDoS attack. In Q1 2021, these two groups were joined by a third, Avaddon. Besides publishing stolen data, the ransomware operators said on their website that the victim would be subjected to a DDoS attack until it reached out to them.\n\nREvil (aka Sodinokibi) is another group looking to increase its extortion leverage. In addition to DDoS attacks, it has [added](<https://twitter.com/3xp0rtblog/status/1368149692383719426>) spam and calls to clients and partners of the victim company to its toolbox.\n\n**Attacks on vulnerable Exchange servers**\n\n[Serious vulnerabilities were recently discovered](<https://securelist.com/zero-day-vulnerabilities-in-microsoft-exchange-server/101096/>) in the Microsoft Exchange mail server, allowing [remote code execution](<https://encyclopedia.kaspersky.com/glossary/remote-code-execution-rce/?utm_source=securelist&utm_medium=blog&utm_campaign=termin-explanation>). Ransomware distributors wasted no time in exploiting these vulnerabilities; to date, this infection vector was seen being used by the Black Kingdom and DearCry families.\n\n**Publication of keys**\n\nThe developers of the Fonix (aka XINOF) ransomware ceased distributing their Trojan and posted the master key online for decrypting affected files. We took this key and created a [decryptor](<https://www.kaspersky.com/blog/fonix-decryptor/38646/>) that anyone can use. The developers of another strain of ransomware, Ziggy, not only [published](<https://www.bleepingcomputer.com/news/security/ziggy-ransomware-shuts-down-and-releases-victims-decryption-keys/>) the keys for all victims, but also announced their [intention](<https://www.bleepingcomputer.com/news/security/ransomware-admin-is-refunding-victims-their-ransom-payments/>) to return the money to everyone who paid up.\n\n**Law enforcement successes**\n\nLaw enforcement agencies under the US Department of Justice [seized](<https://www.justice.gov/opa/pr/department-justice-launches-global-action-against-netwalker-ransomware>) dark web resources used by NetWalker (aka Mailto) ransomware affiliates, and also brought charges against one of the alleged actors.\n\nFrench and Ukrainian law enforcers worked together to trace payments made through the Bitcoin ecosystem to Egregor ransomware distributors. The joint investigation resulted in the [arrest](<https://www.bleepingcomputer.com/news/security/egregor-ransomware-affiliates-arrested-by-ukrainian-french-police/>) of several alleged members of the Egregor gang.\n\nIn South Korea, a suspect in the GandCrab ransomware operation was [arrested](<https://www.bleepingcomputer.com/news/security/gandcrab-ransomware-affiliate-arrested-for-phishing-attacks/>) (this family ceased active distribution back in 2019).\n\n### Number of new modifications\n\nIn Q1 2021, we detected seven new ransomware families and 4,354 new modifications of this malware type.\n\n_Number of new ransomware modifications, Q1 2020 \u2013 Q1 2021 ([download](<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/05/24110702/03-en-ru-es-malware-report-q1-2021-pc.png>))_\n\n### Number of users attacked by ransomware Trojans\n\nIn Q1 2021, Kaspersky products and technologies protected 91,841 users from ransomware attacks.\n\n_Number of unique users attacked by ransomware Trojans, Q1 2021 ([download](<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/05/24110733/04-en-malware-report-q1-2021-pc.png>))_\n\n### Attack geography\n\n_Geography of attacks by ransomware Trojans, Q1 2021 ([download](<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/05/24110802/05-en-malware-report-q1-2021-pc.png>))_\n\n**Top 10 countries attacked by ransomware Trojans**\n\n| **Country*** | **%**** \n---|---|--- \n1 | Bangladesh | 2.31% \n2 | Ethiopia | 0.62% \n3 | Greece | 0.49% \n4 | Pakistan | 0.49% \n5 | China | 0.48% \n6 | Tunisia | 0.44% \n7 | Afghanistan | 0.42% \n8 | Indonesia | 0.38% \n9 | Taiwan, Province of China | 0.37% \n10 | Egypt | 0.28% \n \n_* Excluded are countries with relatively few Kaspersky users (under 50,000). \n** Unique users attacked by ransomware Trojans as a percentage of all unique users of Kaspersky products in the country._\n\n### Top 10 most common families of ransomware Trojans\n\n| **Name** | **Verdicts** | **%*** \n---|---|---|--- \n1 | WannaCry | Trojan-Ransom.Win32.Wanna | 19.37% \n2 | (generic verdict) | Trojan-Ransom.Win32.Gen | 12.01% \n3 | (generic verdict) | Trojan-Ransom.Win32.Phny | 9.31% \n4 | (generic verdict) | Trojan-Ransom.Win32.Encoder | 8.45% \n5 | (generic verdict) | Trojan-Ransom.Win32.Agent | 7.36% \n6 | PolyRansom/VirLock | Trojan-Ransom.Win32.PolyRansom\n\nVirus.Win32.PolyRansom | 3.78% \n7 | (generic verdict) | Trojan-Ransom.Win32.Crypren | 2.93% \n8 | Stop | Trojan-Ransom.Win32.Stop | 2.79% \n9 | (generic verdict) | Trojan-Ransom.Win32.Cryptor | 2.17% \n10 | REvil/Sodinokibi | Trojan-Ransom.Win32.Sodin | 1.85% \n \n_* Unique Kaspersky users attacked by this family of ransomware Trojans as a percentage of all users attacked by such malware._\n\n## Miners\n\n### Number of new modifications\n\nIn Q1 2021, Kaspersky solutions detected 23,894 new modifications of miners. And though January and February passed off relatively calmly, March saw a sharp rise in the number of new modifications \u2014 more than fourfold compared to February.\n\n_Number of new miner modifications, Q1 2021 ([download](<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/05/24110831/06-en-malware-report-q1-2021-pc.png>))_\n\n### Number of users attacked by miners\n\nIn Q1, we detected attacks using miners on the computers of 432,171 unique users of Kaspersky products worldwide. Although this figure has been rising for three months, it is premature to talk about a reversal of last year's trend, whereby the number of users attacked by miners actually fell. For now, we can tentatively assume that the growth in cryptocurrency prices, in particular bitcoin, has attracted the attention of cybercriminals and returned miners to their toolkit.\n\n_Number of unique users attacked by miners, Q1 2021 ([download](<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/05/24111053/07-en-malware-report-q1-2021-pc.png>))_\n\n### Attack geography\n\n_Geography of miner attacks, Q1 2021 ([download](<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/05/24111128/08-en-malware-report-q1-2021-pc.png>))_\n\n**Top 10 countries attacked by miners**\n\n| **Country*** | **%**** \n---|---|--- \n1 | Afghanistan | 4.65 \n2 | Ethiopia | 3.00 \n3 | Rwanda | 2.37 \n4 | Uzbekistan | 2.23 \n5 | Kazakhstan | 1.81 \n6 | Sri Lanka | 1.78 \n7 | Ukraine | 1.59 \n8 | Vietnam | 1.48 \n9 | Mozambique | 1.46 \n10 | Tanzania | 1.45 \n \n_* Excluded are countries with relatively few users of Kaspersky products (under 50,000). \n** Unique users attacked by miners as a percentage of all unique users of Kaspersky products in the country._\n\n## Vulnerable applications used by cybercriminals during cyber attacks\n\nIn Q1 2021, we noted a drop in the share of exploits for vulnerabilities in the Microsoft Office suite, but they still lead the pack with 59%. The most common vulnerability in the suite remains [CVE-2017-11882](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11882>), a stack buffer overflow that occurs when processing objects in the Equation Editor component. Exploits for [CVE-2015-2523](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2523>) \u2014 use-after-free vulnerabilities in Microsoft Excel \u2014 and [CVE-2018-0802](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0802>), which we've often written about, were also in demand. Note the age of these vulnerabilities \u2014 even the latest of them was discovered almost three years ago. So, once again, we remind you of the importance of regular updates.\n\nThe first quarter was rich not only in known exploits, but also new zero-day vulnerabilities. In particular, the interest of both [infosec experts](<https://securelist.com/zero-day-vulnerabilities-in-microsoft-exchange-server/101096/>) and cybercriminals was piqued by vulnerabilities in the popular Microsoft Exchange Server:\n\n * [CVE-2021-26855](<https://msrc.microsoft.com/update-guide/en-us/vulnerability/CVE-2021-26855>)\u2014 a service-side request forgery vulnerability that allows remote code execution (RCE)\n * [CVE-2021-26857](<https://msrc.microsoft.com/update-guide/en-us/vulnerability/CVE-2021-26857>)\u2014 an insecure deserialization vulnerability in the Unified Messaging service that can lead to code execution on the server\n * [CVE-2021-26858](<https://msrc.microsoft.com/update-guide/en-us/vulnerability/CVE-2021-26858>)\u2014 a post-authorization arbitrary file write vulnerability in Microsoft Exchange, which could also lead to remote code execution\n * [CVE-2021-27065](<https://msrc.microsoft.com/update-guide/en-us/vulnerability/CVE-2021-27065>)\u2014 as in the case of [CVE-2021-26858](<https://msrc.microsoft.com/update-guide/en-us/vulnerability/CVE-2021-26858>), allows an authorized Microsoft Exchange user to write data to an arbitrary file in the system\n\nFound [in the wild](<https://encyclopedia.kaspersky.com/glossary/exploitation-in-the-wild-itw/?utm_source=securelist&utm_medium=blog&utm_campaign=termin-explanation>), these vulnerabilities were used by APT groups, including as a springboard for ransomware distribution.\n\nDuring the quarter, vulnerabilities were also identified in Windows itself. In particular, the [CVE-2021-1732](<https://msrc.microsoft.com/update-guide/en-us/vulnerability/CVE-2021-1732>) vulnerability allowing privilege escalation was discovered in the Win32k subsystem. Two other vulnerabilities, [CVE-2021-1647](<https://msrc.microsoft.com/update-guide/en-us/vulnerability/CVE-2021-1647>) and [CVE-2021-24092](<https://nvd.nist.gov/vuln/detail/CVE-2021-24092>), were found in the Microsoft Defender antivirus engine, allowing elevation of user privileges in the system and execution of potentially dangerous code.\n\n_Distribution of exploits used by cybercriminals, by type of attacked application, Q1 2021 ([download](<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/05/24111159/09-en-malware-report-q1-2021-pc.png>))_\n\nThe second most popular were exploits for browser vulnerabilities (26.12%); their share in Q1 grew by more than 12 p.p. Here, too, there was no doing without newcomers: for example, the Internet Explorer script engine was found to contain the [CVE-2021-26411](<https://msrc.microsoft.com/update-guide/en-us/vulnerability/CVE-2021-26411>) vulnerability, which can lead to remote code execution on behalf of the current user through manipulations that corrupt the heap memory. This vulnerability was exploited by the [Lazarus](<https://securelist.ru/tag/lazarus/>) group to download malicious code and infect the system. Several vulnerabilities were discovered in Google Chrome:\n\n * [CVE-2021-21148](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21148>)\u2014 heap buffer overflow in the V8 script engine, leading to remote code execution\n * [CVE-2021-21166](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21166>)\u2014 overflow and unsafe reuse of an object in memory when processing audio data, also enabling remote code execution\n * [CVE-2021-21139](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21139>)\u2014 bypassing security restrictions when using an iframe.\n\nOther interesting findings include a critical vulnerability in VMware vCenter Server, [CVE-2021-21972](<https://nvd.nist.gov/vuln/detail/CVE-2021-21972>), which allows remote code execution without any rights. Critical vulnerabilities in the popular SolarWinds Orion Platform \u2014 [CVE-2021-25274](<https://nvd.nist.gov/vuln/detail/CVE-2021-25274>), [CVE-2021-25275](<https://nvd.nist.gov/vuln/detail/CVE-2021-25275>) and [CVE-2021-25276](<https://nvd.nist.gov/vuln/detail/CVE-2021-25276>) \u2014 caused a major splash in the infosec environment. They gave attackers the ability to infect computers running this software, usually machines inside corporate networks and government institutions. Lastly, the [CVE-2021-21017](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21017>) vulnerability, discovered in Adobe Reader, caused a heap buffer overflow by means of a specially crafted document, giving an attacker the ability to execute code.\n\nAnalysis of network threats in Q1 2021 continued to show ongoing attempts to attack servers with a view to brute-force passwords for network services such as Microsoft SQL Server, RDP and SMB. Attacks using the popular EternalBlue, EternalRomance and other similar exploits were widespread. Among the most notable new vulnerabilities in this period were bugs in the Windows networking stack code related to handling the IPv4/IPv6 protocols: [CVE-2021-24074](<https://msrc.microsoft.com/update-guide/en-us/vulnerability/CVE-2021-24074>), [CVE-2021-24086](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-24086>) and [CVE-2021-24094](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-24094>).\n\n## Attacks on macOS\n\nQ1 2021 was also rich in macOS-related news. Center-stage were cybercriminals who took pains to modify their [malware for the newly released MacBooks with M1 processors](<https://securelist.com/malware-for-the-new-apple-silicon-platform/101137/>). Updated adware for the new Macs also immediately appeared, in particular the [Pirrit family](<https://objective-see.com/blog/blog_0x62.html>) (whose members placed high in our Top 20 threats for macOS). In addition, we detected an interesting adware program written in the Rust language, and assigned it the verdict [AdWare.OSX.Convuster.a](<https://securelist.ru/convuster-macos-adware-in-rust/100859/>).\n\n**Top 20 threats for macOS**\n\n| **Verdict** | **%*** \n---|---|--- \n1 | AdWare.OSX.Pirrit.ac | 18.01 \n2 | AdWare.OSX.Pirrit.j | 12.69 \n3 | AdWare.OSX.Pirrit.o | 8.42 \n4 | AdWare.OSX.Bnodlero.at | 8.36 \n5 | Monitor.OSX.HistGrabber.b | 8.06 \n6 | AdWare.OSX.Pirrit.gen | 7.95 \n7 | Trojan-Downloader.OSX.Shlayer.a | 7.90 \n8 | AdWare.OSX.Cimpli.m | 6.17 \n9 | AdWare.OSX.Pirrit.aa | 6.05 \n10 | Backdoor.OSX.Agent.z | 5.27 \n11 | Trojan-Downloader.OSX.Agent.h | 5.09 \n12 | AdWare.OSX.Bnodlero.bg | 4.60 \n13 | AdWare.OSX.Ketin.h | 4.02 \n14 | AdWare.OSX.Bnodlero.bc | 3.87 \n15 | AdWare.OSX.Bnodlero.t | 3.84 \n16 | AdWare.OSX.Cimpli.l | 3.75 \n17 | Trojan-Downloader.OSX.Lador.a | 3.61 \n18 | AdWare.OSX.Cimpli.k | 3.48 \n19 | AdWare.OSX.Ketin.m | 2.98 \n20 | AdWare.OSX.Bnodlero.ay | 2.94 \n \n_* Unique users who encountered this malware as a percentage of all users of Kaspersky security solutions for macOS who were attacked._\n\nTraditionally, most of the Top 20 threats for macOS are adware programs: 15 in Q1. In the list of malicious programs, Trojan-Downloader.OSX.Shlayer.a (7.90%) maintained its popularity. Incidentally, this Trojan's task is to download adware from the Pirrit and Bnodlero families. But we also saw the reverse, when a member of the AdWare.OSX.Pirrit family dropped Backdoor.OSX.Agent.z into the system.\n\n### Threat geography\n\n_Geography of threats for macOS, Q1 2021 ([download](<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/05/24111228/10-en-malware-report-q1-2021-pc.png>))_\n\n**Top 10 countries by share of attacked users**\n\n| **Country*** | **%**** \n---|---|--- \n1 | France | 4.62 \n2 | Spain | 4.43 \n3 | Italy | 4.36 \n4 | India | 4.11 \n5 | Canada | 3.59 \n6 | Mexico | 3.55 \n7 | Russia | 3.21 \n8 | Brazil | 3.18 \n9 | Great Britain | 2.96 \n10 | USA | 2.94 \n \n_* Excluded from the rating are countries with relatively few users of Kaspersky security solutions for macOS (under 10,000) \n** Unique users attacked as a percentage of all users of Kaspersky security solutions for macOS in the country._\n\nIn Q1 2021, Europe accounted for the Top 3 countries by share of attacked macOS users: France (4.62%), Spain (4.43%) and Italy (4.36%). The most common threats in all three were adware apps from the Pirrit family.\n\n## IoT attacks\n\n### IoT threat statistics\n\nIn Q1 2021, most of the devices that attacked Kaspersky traps did so using the Telnet protocol. A third of the attacking devices attempted to [brute-force](<https://encyclopedia.kaspersky.com/glossary/brute-force/?utm_source=securelist&utm_medium=blog&utm_campaign=termin-explanation>) our SSH traps.\n\nTelnet | 69.48% \n---|--- \nSSH | 30.52% \n \n_Distribution of attacked services by number of unique IP addresses of devices that carried out attacks, Q1 2021_\n\nThe statistics for cybercriminal working sessions with Kaspersky honeypots show similar Telnet dominance.\n\nTelnet | 77.81% \n---|--- \nSSH | 22.19% \n \n_Distribution of cybercriminal working sessions with Kaspersky traps, Q1 2021_\n\n_Geography of IP addresses of devices from which attempts were made to attack Kaspersky Telnet traps, Q1 2021 ([download](<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/05/24111259/11-en-malware-report-q1-2021-pc.png>))_\n\n**Top 10 countries by location of devices from which attacks were carried out on Kaspersky Telnet traps**\n\n** ** | **Country** | **%*** \n---|---|--- \n1 | China | 33.40 \n2 | India | 13.65 \n3 | USA | 11.56 \n4 | Russia | 4.96 \n5 | Montenegro | 4.20 \n6 | Brazil | 4.19 \n7 | Taiwan, Province of China | 2.32 \n8 | Iran | 1.85 \n9 | Egypt | 1.84 \n10 | Vietnam | 1.73 \n \n_* Devices from which attacks were carried out in the given country as a percentage of the total number of devices in that country._\n\n### SSH-based attacks\n\n_Geography of IP addresses of devices from which attempts were made to attack Kaspersky SSH traps, Q1 2021 ([download](<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/05/24111335/12-en-malware-report-q1-2021-pc.png>))_\n\n**Top 10 countries by location of devices from which attacks were made on Kaspersky SSH traps**\n\n** ** | **Country** | **%*** \n---|---|--- \n1 | USA | 24.09 \n2 | China | 19.89 \n3 | Hong Kong | 6.38 \n4 | South Korea | 4.37 \n5 | Germany | 4.06 \n6 | Brazil | 3.74 \n7 | Russia | 3.05 \n8 | Taiwan, Province of China | 2.80 \n9 | France | 2.59 \n10 | India | 2.36 \n \n_* Devices from which attacks were carried out in the given country as a percentage of the total number of devices in that country._\n\n### Threats loaded into traps\n\n| Verdict | %* \n---|---|--- \n1 | Backdoor.Linux.Mirai.b | 50.50% \n2 | Trojan-Downloader.Linux.NyaDrop.b | 9.26% \n3 | Backdoor.Linux.Gafgyt.a | 3.01% \n4 | HEUR:Trojan-Downloader.Shell.Agent.bc | 2.72% \n5 | Backdoor.Linux.Mirai.a | 2.72% \n6 | Backdoor.Linux.Mirai.ba | 2.67% \n7 | Backdoor.Linux.Agent.bc | 2.37% \n8 | Trojan-Downloader.Shell.Agent.p | 1.37% \n9 | Backdoor.Linux.Gafgyt.bj | 0.78% \n10 | Trojan-Downloader.Linux.Mirai.d | 0.66% \n \n_* Share of malware type in the total number of malicious programs downloaded to IoT devices following a successful attack._\n\n## Attacks via web resources\n\n_The statistics in this section are based on Web Anti-Virus, which protects users when malicious objects are downloaded from malicious/infected web pages. Cybercriminals create such sites on purpose; web resources with user-created content (for example, forums), as well as hacked legitimate resources, can be infected._\n\n### Countries that are sources of web-based attacks: Top 10\n\n_The following statistics show the distribution by country of the sources of Internet attacks blocked by Kaspersky products on user computers (web pages with redirects to exploits, sites containing exploits and other malicious programs, botnet C&C centers, etc.). Any unique host could be the source of one or more web-based attacks._\n\n_To determine the geographical source of web-based attacks, domain names are matched against their actual domain IP addresses, and then the geographical location of a specific IP address (GEOIP) is established._\n\nIn Q1 2021, Kaspersky solutions blocked 2,023,556,082 attacks launched from online resources located across the globe. 613,968,631 unique URLs were recognized as malicious by Web Anti-Virus.\n\n_Distribution of web attack sources by country, Q1 2021 ([download](<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/05/24111405/13-en-malware-report-q1-2021-pc.png>))_\n\n### Countries where users faced the greatest risk of online infection\n\nTo assess the risk of online infection faced by users in different countries, for each country we calculated the percentage of Kaspersky users on whose computers Web Anti-Virus was triggered during the quarter. The resulting data provides an indication of the aggressiveness of the environment in which computers operate in different countries.\n\nThis rating only includes attacks by malicious objects that fall under the **Malware class**; it does not include Web Anti-Virus detections of potentially dangerous or unwanted programs such as RiskTool or adware.\n\n| Country* | % of attacked users** \n---|---|--- \n1 | Belarus | 15.81 \n2 | Ukraine | 13.60 \n3 | Moldova | 13.16 \n4 | Kyrgyzstan | 11.78 \n5 | Latvia | 11.38 \n6 | Algeria | 11.16 \n7 | Russia | 11.11 \n8 | Mauritania | 11.08 \n9 | Kazakhstan | 10.62 \n10 | Tajikistan | 10.60 \n11 | Uzbekistan | 10.39 \n12 | Estonia | 10.20 \n13 | Armenia | 9.44 \n14 | Mongolia | 9.36 \n15 | France | 9.35 \n16 | Greece | 9.04 \n17 | Azerbaijan | 8.57 \n18 | Madagascar | 8.56 \n19 | Morocco | 8.55 \n20 | Lithuania | 8.53 \n \n_* Excluded are countries with relatively few Kaspersky users (under 10,000). \n** Unique users targeted by **Malware-class** attacks as a percentage of all unique users of Kaspersky products in the country._\n\n_These statistics are based on detection verdicts by the Web Anti-Virus module that were received from users of Kaspersky products who consented to provide statistical data._\n\nOn average, 7.67% of Internet user computers worldwide experienced at least one **Malware-class** attack.\n\n_Geography of web-based malware attacks, Q1 2021 ([download](<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/05/24111435/14-en-malware-report-q1-2021-pc.png>))_\n\n## Local threats\n\n_In this section, we analyze statistical data obtained from the OAS and ODS modules in Kaspersky products. It takes into account malicious programs that were found directly on users' computers or removable media connected to them (flash drives, camera memory cards, phones, external hard drives), or which initially made their way onto the computer in non-open form (for example, programs in complex installers, encrypted files, etc.)._\n\nIn Q1 2021, our File Anti-Virus detected **77,415,192** malicious and potentially unwanted objects.\n\n### Countries where users faced the highest risk of local infection\n\nFor each country, we calculated the percentage of Kaspersky product users on whose computers File Anti-Virus was triggered during the reporting period. These statistics reflect the level of personal computer infection in different countries.\n\nNote that this rating only includes attacks by malicious programs that fall under the **Malware class**; it does not include File Anti-Virus triggers in response to potentially dangerous or unwanted programs, such as RiskTool or adware.\n\n| Country* | % of attacked users** \n---|---|--- \n1 | Afghanistan | 47.71 \n2 | Turkmenistan | 43.39 \n3 | Ethiopia | 41.03 \n4 | Tajikistan | 38.96 \n5 | Bangladesh | 36.21 \n6 | Algeria | 35.49 \n7 | Myanmar | 35.16 \n8 | Uzbekistan | 34.95 \n9 | South Sudan | 34.17 \n10 | Benin | 34.08 \n11 | China | 33.34 \n12 | Iraq | 33.14 \n13 | Laos | 32.84 \n14 | Burkina Faso | 32.61 \n15 | Mali | 32.42 \n16 | Guinea | 32.40 \n17 | Yemen | 32.32 \n18 | Mauritania | 32.22 \n19 | Burundi | 31.68 \n20 | Sudan | 31.61 \n \n_* Excluded are countries with relatively few Kaspersky users (under 10,000)._ \n_** Unique users on whose computers **Malware-class** local threats were blocked, as a percentage of all unique users of Kaspersky products in the country._\n\n_Geography of local infection attempts, Q1 2021 ([download](<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/05/24111505/15-en-malware-report-q1-2021-pc.png>))_\n\nOverall, 15.05% of user computers globally faced at least one **Malware-class** local threat during Q1.", "cvss3": {}, "published": "2021-05-31T10:00:05", "type": "securelist", "title": "IT threat evolution Q1 2021. Non-mobile statistics", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2015-2523", "CVE-2017-11882", "CVE-2018-0802", "CVE-2021-1647", "CVE-2021-1732", "CVE-2021-21017", "CVE-2021-21139", "CVE-2021-21148", "CVE-2021-21166", "CVE-2021-21972", "CVE-2021-24074", "CVE-2021-24086", "CVE-2021-24092", "CVE-2021-24094", "CVE-2021-25274", "CVE-2021-25275", "CVE-2021-25276", "CVE-2021-26411", "CVE-2021-26855", "CVE-2021-26857", "CVE-2021-26858", "CVE-2021-27065"], "modified": "2021-05-31T10:00:05", "id": "SECURELIST:20C7BC6E3C43CD3D939A2E3EAE01D4C1", "href": "https://securelist.com/it-threat-evolution-q1-2021-non-mobile-statistics/102425/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "rapid7blog": [{"lastseen": "2021-02-10T00:48:57", "description": "\n\nThe second Patch Tuesday of 2021 is relatively light on the vulnerability count, with 64 CVEs being addressed across the majority of Microsoft\u2019s product families. Despite that, there\u2019s still plenty to discuss this month.\n\n### Vulnerability Breakdown by Software Family\n\nFamily | Vulnerability Count \n---|--- \nWindows | 28 \nESU | 14 \nMicrosoft Office | 11 \nBrowser | 9 \nDeveloper Tools | 8 \nMicrosoft Dynamics | 2 \nExchange Server | 2 \nAzure | 2 \nSystem Center | 2 \n \n### Exploited and Publicly Disclosed Vulnerabilities\n\nOne zero-day was announced: [CVE-2021-1732](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1732>) is a privilege elevation vulnerability affecting the Win32k component of Windows 10 and Windows Server 2019, reported to be exploited in the wild. Four vulnerabilities have been previously disclosed: [CVE-2021-1727](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1727>), a privilege elevation vulnerability in Windows Installer, affecting all supported versions of Windows; [CVE-2021-24098](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24098>), which is a denial of service (DoS) affecting Windows 10 and Server 2019; [CVE-2021-24106](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24106>), an information disclosure vulnerability affecting DirectX in Windows 10 and Server 2019; and [CVE-2021-26701](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26701>), an RCE in .NET Core.\n\n### Vulnerabilities in Windows TCP/IP\n\nMicrosoft also disclosed a set of [three serious vulnerabilities](<https://msrc-blog.microsoft.com/2021/02/09/multiple-security-updates-affecting-tcp-ip/>) affecting the TCP/IP networking stack in all supported versions of Windows. Two of these ([CVE-2021-24074](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24074>) and [CVE-2021-24094](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24094>)) carry a base CVSSv3 score of 9.8 and could allow Remote Code Execution (RCE). [CVE-2021-24094](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24094>) is specific to IPv6 link-local addresses, meaning it isn\u2019t exploitable over the public internet. [CVE-2021-24074](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24074>), however, does not have this limitation. The third, [CVE-2021-24086](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24086>), is a DoS vulnerability that could allow an attacker to trigger a \u201cblue screen of death\u201d on any Windows system that is directly exposed to the internet, using only a small amount of network traffic. The RCE exploits are probably not a threat in the short term, due to the complexity of the vulnerabilities, but DoS attacks are expected to be seen much more quickly. Windows systems should be patched as soon as possible to protect against these.\n\nIn the event a patch cannot be applied immediately, such as on systems that cannot be rebooted, Microsoft has published mitigation guidance that will protect against exploitation of the TCP/IP vulnerabilities. Depending on the exposure of an asset, IPv4 Source Routing should be disabled via a Group Policy or a Netsh command, and IPv6 packet reassembly should be disabled via a separate Netsh command. IPv4 Source Routing requests and IPv6 fragments can also be blocked load balancers, firewalls, or other edge devices to mitigate these issues.\n\n### Zerologon Update\n\nBack in August, 2020, Microsoft addressed a critical remote code vulnerability (CVE-2020-1472) affecting the Netlogon protocol (MS-NRPC), a.k.a. \u201c[Zerologon](<https://blog.rapid7.com/2020/09/14/cve-2020-1472-zerologon-critical-privilege-escalation/>)\u201d. In October, Microsoft [noted](<https://msrc-blog.microsoft.com/2020/10/29/attacks-exploiting-netlogon-vulnerability-cve-2020-1472/>) that attacks which exploit this weakness have been seen in the wild. On January 14, 2021, they [reminded](<https://msrc-blog.microsoft.com/2021/01/14/netlogon-domain-controller-enforcement-mode-is-enabled-by-default-beginning-with-the-february-9-2021-security-update-related-to-cve-2020-1472/>) organizations that the February 2021 security update bundle will also be enabling \u201cDomain Controller enforcement mode\" by default to fully address this weakness. Any system that tries to make an insecure Netlogon connection will be denied access. Any business-critical process that relies on these insecure connections will cease to function. Rapid7 encourages all organizations to [heed the detailed guidance](<https://support.microsoft.com/en-us/topic/how-to-manage-the-changes-in-netlogon-secure-channel-connections-associated-with-cve-2020-1472-f7e8cc17-0309-1d6a-304e-5ba73cd1a11e#bkmk_detectingnon_compliant>) before applying the latest updates to ensure continued business process continuity.\n\n### Adobe\n\nMost important amongst the [six security advisories](<https://helpx.adobe.com/security.html>) published by Adobe today is [APSB21-09](<https://helpx.adobe.com/security/products/acrobat/apsb21-09.html>), detailing 23 CVEs affecting Adobe Acrobat and Reader. Six of these are rated Critical and allow Arbitrary Code Execution, and one of which (CVE-2021-21017), has been seen exploited in the wild in attacks targeting Adobe Reader users on Windows.\n\n### Summary Tables\n\n#### Azure Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Publicly Disclosed | CVSSv3 Base Score | FAQ? \n---|---|---|---|---|--- \n[CVE-2021-24109](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24109>) | Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability | No | No | 6.8 | Yes \n[CVE-2021-24087](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24087>) | Azure IoT CLI extension Elevation of Privilege Vulnerability | No | No | 7 | Yes \n \n#### Browser Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Publicly Disclosed | CVSSv3 Base Score | FAQ? \n---|---|---|---|---|--- \n[CVE-2021-24100](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24100>) | Microsoft Edge for Android Information Disclosure Vulnerability | No | No | 5 | Yes \n[CVE-2021-24113](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24113>) | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | No | No | 4.6 | Yes \n[CVE-2021-21148](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-21148>) | Chromium CVE-2021-21148: Heap buffer overflow in V8 | N/A | N/A | nan | Yes \n[CVE-2021-21147](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-21147>) | Chromium CVE-2021-21147: Inappropriate implementation in Skia | N/A | N/A | nan | Yes \n[CVE-2021-21146](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-21146>) | Chromium CVE-2021-21146: Use after free in Navigation | N/A | N/A | nan | Yes \n[CVE-2021-21145](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-21145>) | Chromium CVE-2021-21145: Use after free in Fonts | N/A | N/A | nan | Yes \n[CVE-2021-21144](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-21144>) | Chromium CVE-2021-21144: Heap buffer overflow in Tab Groups | N/A | N/A | nan | Yes \n[CVE-2021-21143](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-21143>) | Chromium CVE-2021-21143: Heap buffer overflow in Extensions | N/A | N/A | nan | Yes \n[CVE-2021-21142](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-21142>) | Chromium CVE-2021-21142: Use after free in Payments | N/A | N/A | nan | Yes \n \n#### Developer Tools Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Publicly Disclosed | CVSSv3 Base Score | FAQ? \n---|---|---|---|---|--- \n[CVE-2021-26700](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26700>) | Visual Studio Code npm-script Extension Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-1639](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1639>) | Visual Studio Code Remote Code Execution Vulnerability | No | No | 7 | No \n[CVE-2021-1733](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1733>) | Sysinternals PsExec Elevation of Privilege Vulnerability | No | Yes | 7.8 | Yes \n[CVE-2021-24105](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24105>) | Package Managers Configurations Remote Code Execution Vulnerability | No | No | 8.4 | Yes \n[CVE-2021-24111](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24111>) | .NET Framework Denial of Service Vulnerability | No | No | 7.5 | No \n[CVE-2021-1721](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1721>) | .NET Core and Visual Studio Denial of Service Vulnerability | No | Yes | 6.5 | No \n[CVE-2021-26701](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26701>) | .NET Core Remote Code Execution Vulnerability | No | Yes | 8.1 | Yes \n[CVE-2021-24112](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24112>) | .NET Core Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n \n#### ESU Windows Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Publicly Disclosed | CVSSv3 Base Score | FAQ? \n---|---|---|---|---|--- \n[CVE-2021-24080](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24080>) | Windows Trust Verification API Denial of Service Vulnerability | No | No | 6.5 | No \n[CVE-2021-24074](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24074>) | Windows TCP/IP Remote Code Execution Vulnerability | No | No | 9.8 | Yes \n[CVE-2021-24094](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24094>) | Windows TCP/IP Remote Code Execution Vulnerability | No | No | 9.8 | Yes \n[CVE-2021-24086](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24086>) | Windows TCP/IP Denial of Service Vulnerability | No | No | 7.5 | Yes \n[CVE-2021-1734](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1734>) | Windows Remote Procedure Call Information Disclosure Vulnerability | No | No | 7.5 | Yes \n[CVE-2021-25195](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-25195>) | Windows PKU2U Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-24088](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24088>) | Windows Local Spooler Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-1727](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1727>) | Windows Installer Elevation of Privilege Vulnerability | No | Yes | 7.8 | No \n[CVE-2021-24077](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24077>) | Windows Fax Service Remote Code Execution Vulnerability | No | No | 9.8 | Yes \n[CVE-2021-1722](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1722>) | Windows Fax Service Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n[CVE-2021-24102](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24102>) | Windows Event Tracing Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-24103](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24103>) | Windows Event Tracing Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-24078](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24078>) | Windows DNS Server Remote Code Execution Vulnerability | No | No | 9.8 | Yes \n[CVE-2021-24083](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24083>) | Windows Address Book Remote Code Execution Vulnerability | No | No | 7.8 | No \n \n#### Exchange Server Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Publicly Disclosed | CVSSv3 Base Score | FAQ? \n---|---|---|---|---|--- \n[CVE-2021-24085](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24085>) | Microsoft Exchange Server Spoofing Vulnerability | No | No | 6.5 | Yes \n[CVE-2021-1730](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1730>) | Microsoft Exchange Server Spoofing Vulnerability | No | No | 5.4 | Yes \n \n#### Microsoft Dynamics Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Publicly Disclosed | CVSSv3 Base Score | FAQ? \n---|---|---|---|---|--- \n[CVE-2021-1724](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1724>) | Microsoft Dynamics Business Central Cross-site Scripting Vulnerability | No | No | 6.1 | No \n[CVE-2021-24101](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24101>) | Microsoft Dataverse Information Disclosure Vulnerability | No | No | 6.5 | Yes \n \n#### Microsoft Office Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Publicly Disclosed | CVSSv3 Base Score | FAQ? \n---|---|---|---|---|--- \n[CVE-2021-24073](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24073>) | Skype for Business and Lync Spoofing Vulnerability | No | No | 6.5 | No \n[CVE-2021-24099](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24099>) | Skype for Business and Lync Denial of Service Vulnerability | No | No | 6.5 | No \n[CVE-2021-24114](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24114>) | Microsoft Teams iOS Information Disclosure Vulnerability | No | No | 5.7 | Yes \n[CVE-2021-1726](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1726>) | Microsoft SharePoint Spoofing Vulnerability | No | No | 8 | Yes \n[CVE-2021-24072](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24072>) | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-24066](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24066>) | Microsoft SharePoint Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2021-24071](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24071>) | Microsoft SharePoint Information Disclosure Vulnerability | No | No | 5.3 | Yes \n[CVE-2021-24067](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24067>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-24068](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24068>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-24069](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24069>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-24070](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24070>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n \n## System Center Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Publicly Disclosed | CVSSv3 Base Score | FAQ? \n---|---|---|---|---|--- \n[CVE-2021-1728](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1728>) | System Center Operations Manager Elevation of Privilege Vulnerability | No | No | 8.8 | Yes \n[CVE-2021-24092](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24092>) | Microsoft Defender Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n \n#### Windows Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Publicly Disclosed | CVSSv3 Base Score | FAQ? \n---|---|---|---|---|--- \n[CVE-2021-1732](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1732>) | Windows Win32k Elevation of Privilege Vulnerability | Yes | No | 7.8 | No \n[CVE-2021-1698](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1698>) | Windows Win32k Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-24075](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24075>) | Windows Network File System Denial of Service Vulnerability | No | No | 6.8 | No \n[CVE-2021-24084](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24084>) | Windows Mobile Device Management Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-24096](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24096>) | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-24093](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24093>) | Windows Graphics Component Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2021-24106](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24106>) | Windows DirectX Information Disclosure Vulnerability | No | Yes | 5.5 | Yes \n[CVE-2021-24098](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24098>) | Windows Console Driver Denial of Service Vulnerability | No | Yes | 5.5 | Yes \n[CVE-2021-24091](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24091>) | Windows Camera Codec Pack Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-24079](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24079>) | Windows Backup Engine Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-1731](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1731>) | PFX Encryption Security Feature Bypass Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-24082](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24082>) | Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability | No | No | 4.3 | No \n[CVE-2021-24076](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24076>) | Microsoft Windows VMSwitch Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-24081](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24081>) | Microsoft Windows Codecs Library Remote Code Execution Vulnerability | No | No | 7.8 | No \n \n### Summary Charts\n\n\n\n________Note: _______Chart_______ data is reflective of data presented by Microsoft's CVRF at the time of writing.________", "cvss3": {}, "published": "2021-02-09T23:51:27", "type": "rapid7blog", "title": "Patch Tuesday - February 2021", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2020-1472", "CVE-2021-1639", "CVE-2021-1698", "CVE-2021-1721", "CVE-2021-1722", "CVE-2021-1724", "CVE-2021-1726", "CVE-2021-1727", "CVE-2021-1728", "CVE-2021-1730", "CVE-2021-1731", "CVE-2021-1732", "CVE-2021-1733", "CVE-2021-1734", "CVE-2021-21017", "CVE-2021-21142", "CVE-2021-21143", "CVE-2021-21144", "CVE-2021-21145", "CVE-2021-21146", "CVE-2021-21147", "CVE-2021-21148", "CVE-2021-24066", "CVE-2021-24067", "CVE-2021-24068", "CVE-2021-24069", "CVE-2021-24070", "CVE-2021-24071", "CVE-2021-24072", "CVE-2021-24073", "CVE-2021-24074", "CVE-2021-24075", "CVE-2021-24076", "CVE-2021-24077", "CVE-2021-24078", "CVE-2021-24079", "CVE-2021-24080", "CVE-2021-24081", "CVE-2021-24082", "CVE-2021-24083", "CVE-2021-24084", "CVE-2021-24085", "CVE-2021-24086", "CVE-2021-24087", "CVE-2021-24088", "CVE-2021-24091", "CVE-2021-24092", "CVE-2021-24093", "CVE-2021-24094", "CVE-2021-24096", "CVE-2021-24098", "CVE-2021-24099", "CVE-2021-24100", "CVE-2021-24101", "CVE-2021-24102", "CVE-2021-24103", "CVE-2021-24105", "CVE-2021-24106", "CVE-2021-24109", "CVE-2021-24111", "CVE-2021-24112", "CVE-2021-24113", "CVE-2021-24114", "CVE-2021-25195", "CVE-2021-26700", "CVE-2021-26701"], "modified": "2021-02-09T23:51:27", "id": "RAPID7BLOG:44EA89871AFF6881B909B9FD0E07034F", "href": "https://blog.rapid7.com/2021/02/09/patch-tuesday-february-2021/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2021-05-01T00:28:21", "description": "### Background\n\nChromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. \n\nGoogle Chrome is one fast, simple, and secure browser for all your devices. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nPlease review the referenced CVE identifiers for details.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Chromium users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-client/chromium-90.0.4430.93\"\n \n\nAll Google Chrome users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-client/google-chrome-90.0.4430.93\"", "edition": 2, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-04-30T00:00:00", "title": "Chromium, Google Chrome: Multiple vulnerabilities", "type": "gentoo", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21148", "CVE-2021-21168", "CVE-2021-21173", "CVE-2021-21206", "CVE-2021-21151", "CVE-2021-21185", "CVE-2021-21230", "CVE-2021-21211", "CVE-2021-21192", "CVE-2021-21165", "CVE-2021-21208", "CVE-2021-21218", "CVE-2021-21219", "CVE-2021-21214", "CVE-2021-21179", "CVE-2021-21145", "CVE-2021-21146", "CVE-2021-21196", "CVE-2021-21195", "CVE-2021-21147", "CVE-2021-21171", "CVE-2021-21202", "CVE-2021-21201", "CVE-2021-21161", "CVE-2021-21233", "CVE-2021-21178", "CVE-2021-21176", "CVE-2021-21159", "CVE-2021-21228", "CVE-2021-21187", "CVE-2021-21180", "CVE-2021-21215", "CVE-2021-21170", "CVE-2021-21156", "CVE-2021-21212", "CVE-2021-21213", "CVE-2021-21162", "CVE-2021-21143", "CVE-2021-21207", "CVE-2021-21181", "CVE-2021-21155", "CVE-2021-21203", "CVE-2021-21167", "CVE-2021-21199", "CVE-2021-21150", "CVE-2021-21172", "CVE-2021-21152", "CVE-2021-21229", "CVE-2021-21191", "CVE-2021-21205", "CVE-2021-21163", "CVE-2021-21186", "CVE-2021-21217", "CVE-2021-21220", "CVE-2021-21226", "CVE-2021-21193", "CVE-2021-21166", "CVE-2021-21204", "CVE-2021-21223", "CVE-2021-21194", "CVE-2021-21154", "CVE-2021-21175", "CVE-2021-21216", "CVE-2021-21198", "CVE-2021-21149", "CVE-2021-21160", "CVE-2021-21209", "CVE-2021-21221", "CVE-2021-21184", "CVE-2021-21144", "CVE-2021-21188", "CVE-2021-2119", "CVE-2021-21174", "CVE-2021-21222", "CVE-2021-21177", "CVE-2021-21142", "CVE-2021-21227", "CVE-2021-21189", "CVE-2021-21182", "CVE-2021-21210", "CVE-2021-21224", "CVE-2021-21231", "CVE-2021-21183", "CVE-2021-21225", "CVE-2021-21169", "CVE-2021-21197", "CVE-2021-21153", "CVE-2021-21232", "CVE-2021-21157"], "modified": "2021-04-30T00:00:00", "id": "GLSA-202104-08", "href": "https://security.gentoo.org/glsa/202104-08", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}
