Vulnerability Management

Google issues Chrome update patching possible zero day

Google issued a patch for CVE-2020-6418 that is currently being exploited in the wild.

The vulnerability is a confusion vulnerability in V8, Google Chrome’s open-source JavaScript and WebAssembly engine and rated as a “high” threat by Google.

“Google is aware of reports that an exploit for CVE-2020-6418 exists in the wild,” Google stated.

Tenable researchers noted that this could mean the vulnerability was exploited as a zero day.

At this time the company is not releasing any further details on the bug, but the company noted there is a fix available and can be applied by updating to Chrome version 80.0.3987.122 for Windows, Mac and Linux.

Related

Updated CISA vulnerabilities catalog includes GeoVision IoT bugs

Ongoing attacks leveraging a pair of critical operating system command injection flaws impacting GeoVision Internet of Things devices, tracked as CVE-2024-6047 and CVE-2024-11120, have prompted their inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, with federal agencies urged to remediate the security flaws by May 28, according to Security Affairs.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

BugBuffer OverflowDisassembly

You can skip this ad in 5 seconds