Kaspersky LabKLA12236KLA12236 Multiple vulnerabilities in Google Chrome
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.1 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.01 Low
EPSS
Percentile
83.3%
Detect date:
07/20/2021
Severity:
High
Description:
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, cause denial of service, spoof user interface, obtain sensitive information, perform cross-site scripting attack.
Exploitation:
Public exploits exist for this vulnerability.
Affected products:
Google Chrome earlier than 92.0.4515.107
Solution:
Update to the latest version
Download Google Chrome
Original advisories:
Stable Channel Update for Desktop
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2021-305719.6Critical
CVE-2021-305818.8Critical
CVE-2021-305777.8Critical
CVE-2021-305658.8Critical
CVE-2021-305868.8Critical
CVE-2021-305836.5High
CVE-2021-305874.3Warning
CVE-2021-305688.8Critical
CVE-2021-305826.5High
CVE-2021-305846.5High
CVE-2021-305758.8Critical
CVE-2021-305738.8Critical
CVE-2021-305768.8Critical
CVE-2021-305728.8Critical
CVE-2021-305678.8Critical
CVE-2021-305748.8Critical
CVE-2021-305798.8Critical
CVE-2021-305668.8Critical
CVE-2021-305698.8Critical
CVE-2021-305806.5High
CVE-2021-305894.3Warning
CVE-2021-305788.8Critical
CVE-2021-305888.8Critical
CVE-2021-305858.8Critical
References
chromereleases.googleblog.com/2021/07/stable-channel-update-for-desktop_20.html
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30565
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30566
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30567
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30568
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30569
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30571
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30572
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30573
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30574
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30575
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30576
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30577
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30578
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30579
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30580
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30581
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30582
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30583
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30584
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30585
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30586
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30587
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30588
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30589
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Google-Chrome/
www.google.com/chrome/
Related
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.1 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.01 Low
EPSS
Percentile
83.3%