[CDP-development] TLP:GREEN (Vulnerability Notification) CVE-2024-7965 -Google Chromium V8 Inappropriate Implementation Vulnerability

CSS Security Operations Services * DAS css-soc-services at das.oregon.gov
Wed Aug 28 12:45:17 PDT 2024 

Good afternoon,

The SOC Services team is reporting on the vulnerability: CVE-2024-7965 - Google Chromium V8 Inappropriate Implementation Vulnerability.  Due to its release by CISA to its Known Exploited Vulnerabilities, knowledge of the software installed in the state environment, and active exploitations, we are providing this in-depth information:

History: On August 26, 2024, CISA included CVE-2024-7965, Google Chromium V8 Inappropriate Implementation Vulnerability.  CVE-2024-7971 has been assigned a CVSSv3 rating of 8.8 (High). The current CVE was established on August 21, 2024.

The following products are affected:

  *   Google Chrome for Windows and Mac < 128.0.6613.84/85
  *   Google Chrome for Linux < 128.0.6613.84

Patches are available from Google to fix the vulnerabilities.  The fixed versions are:

  *   Google Chrome for Windows and Mac 128.0.66.13.84/85
  *   Google Chrome for Linux 128.0.6613.84

Further information is available from Google as published in their Chrome Release notes:

  *   Google Chrome Stable Channel Update for Desktop - https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html

Intelligence: As of August 26, 2024, Google is aware that CVE-2024-7965 has been exploited in the wild.  It is very likely that the exploit will continue to be leveraged by threat actors over the coming months.

Workarounds:  There are no workarounds at this time.

How it works:  At the time of this writing, Google has stated "Access to bug details and links may be kept restricted until a majority of users are updated with a fix" as is standard for Google. A remote attacker could exploit heap corruption by means of a crafted HTML page.

Post-Exploit: Upon successful exploitation of the vulnerability, an attacker could gain unauthorized access or execute malicious code.

No known indicators of compromise have been publicly shared at this time.

As of August 28, 2024, the following vulnerability plugins have been released and are currently in Tenable Security Center:
Plugin
Title
Severity
206163<https://www.tenable.com/plugins/nessus/206163>
Debian dsa-5757 : chromium - security update
High
206193<https://www.tenable.com/plugins/nessus/206193>
openSUSE 15 Security Update : chromium (openSUSE-SU-2024:0258-2)
High
206172<https://www.tenable.com/plugins/nessus/206172>
Microsoft Edge (Chromium) < 128.0.2739.42 Multiple Vulnerabilities
High
206114<https://www.tenable.com/plugins/nessus/206114>
FreeBSD : chromium -- multiple security fixes (b339992e-6059-11ef-8a0f-a8a1599412c6)
High
206043<https://www.tenable.com/plugins/nessus/206043>
Google Chrome < 128.0.6613.84 Multiple Vulnerabilities
High
206042<https://www.tenable.com/plugins/nessus/206042>
Google Chrome < 128.0.6613.84 Multiple Vulnerabilities
High

Recommended Actions:


  *   Verify host has not been compromised before applying patches.
  *   Apply appropriate updates provided by vendor to vulnerable systems immediately after appropriate testing.
  *   Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.
  *   Remind users not to visit un-trusted websites or follow links provided by unknown or un-trusted sources.
  *   Inform and educate users regarding the threats posed by hypertext links contained in emails or attachments especially from un-trusted sources.
  *   Apply the Principle of Least Privilege to all systems and services.


[cid:image001.png at 01DAF945.78245E80]
Cyber Security Services
State of Oregon Cyber Security Services
Enterprise Information Services | SOC
Cyber Security Services (CSS)
SOC Hotline: (503) 378-5930 | SOC Services (503) 373-0378
"Ensuring user-friendly, reliable, and secure state technology systems that equitably serve Oregonians."

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20240828/e4be8a05/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 21907 bytes
Desc: image001.png
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20240828/e4be8a05/attachment-0001.png>

More information about the CDP-development mailing list