Google Chrome Vulnerability - 20230607001¶
Overview¶
The WA SOC has observed a vulnerability in Google Chrome prior to versions 114.0.5735.110 that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page.
What is the vulnerability?¶
CVE-2023-3079 - No provided CVSS v3 Base Score, but Chromium Security Severity level listed as High.
What is vulnerable?¶
The vulnerability affects the following products:
- Google Chrome for Windows prior to 114.0.5735.110
- Google Chrome for Mac and Linux prior to 114.0.5735.106
What has been observed?¶
There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing, however there is known extensive use of Google Chrome and Chromium-based browsers across agencies.
Recommendation¶
The WA SOC recommends administrators upgrade to version 114.0.5735.110 for Windows and 114.0.5735.106 for macOS and Linux to mitigate potential threats. Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also advised to apply the fixes as and when they become available: Vendor URL