Lucene search

K
kasperskyKaspersky LabKLA61888
HistoryNov 07, 2023 - 12:00 a.m.

KLA61888 DoS vulnerability in Google Chrome

2023-11-0700:00:00
Kaspersky Lab
threats.kaspersky.com
16
google chrome
dos vulnerability
denial of service
arbitrary code
update
exploit
cve-2023-5996
ace
kla61888
severity high

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.002

Percentile

61.0%

Use after free vulnerability was found in Google Chrome. Malicious users can exploit this vulnerability to cause denial of service, execute arbitrary code.

Original advisories

Chrome Releases: Stable Channel Update for Desktop

Related products

Google-Chrome

CVE list

CVE-2023-5996 critical

Solution

Update to the latest version

Download Google Chrome

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Affected Products

  • Google Chrome earlier than 119.0.6045.123

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.002

Percentile

61.0%