Skip to main content

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Active Exploitation of High-Severity Vulnerabilities in Google Chrome
Alerts

Active Exploitation of High-Severity Vulnerabilities in Google Chrome

27 May 2024

There have been reports of active exploitation of high-severity vulnerabilities (CVE-2024-4947 and CVE-2024-5274) affecting Google Chrome. The vulnerabilities are caused by a Type Confusion bug in the V8 JavaScript engine and also affect other Chromium-based browsers, including Microsoft Edge.

Successful exploitation of the vulnerabilities could allow an attacker to perform remote code execution via a crafted malicious HTML page.

The vulnerabilities affect Google Chrome versions prior to 125.0.6422.112.

Users and administrators of affected product versions and other Chromium-based browsers are advised to update to the latest version immediately.

More information is available here:

https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_23.html

https://nvd.nist.gov/vuln/detail/CVE-2024-4947

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-4947

Back to top