8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.192 Low
EPSS
Percentile
96.2%
04/17/2018
Critical
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, cause denial of service, spoof user interface, gain privileges, execute arbitrary code and perform unspecified attacks.
Google Chrome earlier than 66.0.3359.117
Update to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk.
Google Chrome download page
Stable Channel Update for Desktop
ACE
CVE-2018-60856.8High
CVE-2018-60866.8High
CVE-2018-60876.8High
CVE-2018-60886.8High
CVE-2018-60894.3Warning
CVE-2018-60906.8High
CVE-2018-60914.3Warning
CVE-2018-60926.8High
CVE-2018-60934.3Warning
CVE-2018-60946.8High
CVE-2018-60954.3Warning
CVE-2018-60964.3Warning
CVE-2018-60974.3Warning
CVE-2018-60984.3Warning
CVE-2018-60994.3Warning
CVE-2018-61004.3Warning
CVE-2018-61015.1High
CVE-2018-61024.3Warning
CVE-2018-61034.3Warning
CVE-2018-61044.3Warning
CVE-2018-61054.3Warning
CVE-2018-61066.8High
CVE-2018-61074.3Warning
CVE-2018-61084.3Warning
CVE-2018-61094.3Warning
CVE-2018-61105.8High
CVE-2018-61116.8High
CVE-2018-61124.3Warning
CVE-2018-61134.3Warning
CVE-2018-61144.3Warning
CVE-2018-61154.3Warning
CVE-2018-61164.3Warning
CVE-2018-61174.3Warning
CVE-2018-60847.2High
Public exploits exist for this vulnerability.
chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6084
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6085
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6086
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6087
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6088
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6089
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6090
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6091
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6092
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6093
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6094
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6095
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6096
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6097
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6098
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6099
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6100
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6101
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6102
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6103
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6104
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6105
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6106
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6107
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6108
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6109
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6110
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6111
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6112
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6113
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6114
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6115
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6116
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6117
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Google-Chrome/
www.google.com/chrome/browser/desktop/
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.192 Low
EPSS
Percentile
96.2%