Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Active Exploitation of High-Severity Vulnerabilities in Google Chrome
Alerts

Active Exploitation of High-Severity Vulnerabilities in Google Chrome

27 May 2024

There have been reports of active exploitation of high-severity vulnerabilities (CVE-2024-4947 and CVE-2024-5274) affecting Google Chrome. The vulnerabilities are caused by a Type Confusion bug in the V8 JavaScript engine and also affect other Chromium-based browsers, including Microsoft Edge.

Successful exploitation of the vulnerabilities could allow an attacker to perform remote code execution via a crafted malicious HTML page.

The vulnerabilities affect Google Chrome versions prior to 125.0.6422.112.

Users and administrators of affected product versions and other Chromium-based browsers are advised to update to the latest version immediately.

More information is available here:

https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_23.html

https://nvd.nist.gov/vuln/detail/CVE-2024-4947

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-4947

Back to top