Zero Day

Chrome Zero Day Alert, Integer Overflow in Skia

By

Access Point Consulting

Summary

Google Chrome versions prior to 119.0.6045.199 are vulnerable to CVE-2023-6345 (CVSS v3: 8.8), a vulnerability with evidence of active exploitation. An integer overflow exists in Skia that allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a malicious file.

Impact Assessment

This vulnerability impacts the Skia graphics renderer present in Google Chrome, which manages nearly all graphics operations within the browser. It is present in Google Chrome, but expect it to also impact ChromeOS, Android, Flutter, Mozilla Firefox, and other products, because Skia is used by a variety of systems. This is not the first time Skia has had a serious vulnerability: consider CVE-2023-2136 from earlier this year. This product has been exploited in the past through similar vulnerabilities.

If your organization uses Google Chrome in a sandbox environment to test malware, this vulnerability is especially dangerous because it permits a sandbox escape that can potentially allow malware to infest the quarantined environment. The attacker could then move laterally through the network.

The root cause is an integer overflow flaw in the Skia graphics renderer: the program performs incorrect calculations when a number it receives is larger than the space allotted to hold it. Attackers can make use of these incorrect numbers to perform exploits.

What it means for you

Updating Google Chrome to the latest version is recommended for all business cases, whether you are a user or part of an organization. If you do not use Google Chrome, you still need to be aware of this vulnerability, as it has a high chance of impacting other browsers and operating systems. Stay informed.

Remediation

Updating Google Chrome browser to 119.0.6045.199 or later will remediate this vulnerability.
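One way to check a fleet against the fixed build, as an added example that is not part of the original advisory: the script reads `host,version` inventory lines and flags any Chrome build below 119.0.6045.199. The inventory format, hostnames and sample versions are constructed assumptions.

```python
import re

# Fixed build named in this advisory; anything lower is still exposed to CVE-2023-6345.
FIXED = (119, 0, 6045, 199)

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)\.(\d+)$")


def parse_version(text):
    """Return a 4-tuple of ints for a Chrome version string, or None if malformed."""
    m = _VERSION_RE.match(text.strip())
    return tuple(int(p) for p in m.groups()) if m else None


def audit(inventory_lines):
    """Classify 'host,version' lines as patched, vulnerable, or unknown."""
    report = {"patched": [], "vulnerable": [], "unknown": []}
    for line in inventory_lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, _, raw = line.partition(",")
        version = parse_version(raw)
        if version is None:
            # Missing or unparseable version: needs manual follow-up, never "patched".
            report["unknown"].append(host.strip())
        elif version < FIXED:  # numeric tuple compare, so 1000 > 199 (unlike strings)
            report["vulnerable"].append(host.strip())
        else:
            report["patched"].append(host.strip())
    return report


# Constructed sample inventory (hypothetical hostnames and values), not real data.
SAMPLE = """\
# host,chrome_version
ws-001,119.0.6045.199
ws-002,119.0.6045.159
ws-003,118.0.5993.117
ws-004,120.0.6099.62
ws-005,119.0.6045.1000
lab-vm-01,
kiosk-7,119.0.6045
""".splitlines()

if __name__ == "__main__":
    for status, hosts in audit(SAMPLE).items():
        print(f"{status:10} {', '.join(hosts)}")
```

Hosts reported as unknown should be checked by hand rather than assumed safe, since a missing version usually means the inventory agent did not report.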

Business Implications

This vulnerability has the potential to compromise the most secure portions of any network, those used for testing malware or programs in a supposedly safe environment. Monetary loss and data loss are potential outcomes of exploitation, arising from disaster recovery and potential malware infections. Network configurations and safeguards can keep this vulnerability from being as impactful as it otherwise could be.

Access Point Technology Recommends

Patch: Patch Google Chrome to the latest version available, which is 119.0.6045.199/200 or later, to remediate this vulnerability.

Stay Informed: This vulnerability has the potential to impact other browsers and operating systems besides Chrome. Keep track of it and prepare for patches from other vendors.

Apply proper network configurations: The impact of this vulnerability can be lessened by applying proper network segmentation.

Associated Bulletins

https://www.chromium.org/developers/design-documents/graphics-and-skia/

https://www.tenable.com/cve/CVE-2023-6345

https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_28.html
