[CDP-development] TLP:GREEN (Zero-Day Alert Notification) - CVE-2024-5274: A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution

CSS Security Operations Services * DAS css-soc-services at das.oregon.gov
Tue May 28 09:15:26 PDT 2024 

Good morning,

The SOC Services team is reporting on the vulnerability: CVE-2024-5274: A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution. Due to its high visibility and knowledge of the software installed in the state environment, we are providing this in-depth information:

History: On May 23, 2024, Google released a security notification regarding CVE-2024-5274 a type-confusion vulnerability in Chrome.

The following products are affected:

  *   Chrome versions prior to 125.0.6422.112 (Linux)
  *   Chrome versions prior to 125.0.6422.112/.113 ( Windows, Mac)

Google has released the following blog regarding the vulnerability: https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_23.html

Intelligence: As of May 24, 2024, this vulnerability has been confirmed as being exploited in the wild.

Workarounds: No workarounds are available at this time.

How it works: The details related to exploitation is currently being withheld. The only information that is publicly known at this time, is that a type confusion weakness exists in the Chrome V8 JavaScript engine and WebAssembly engine.

Post-Exploit: Upon successful exploitation, threat actors to perform out-of-bounds memory access, cause a crash, and execute arbitrary code.

As of May 17, 2024, the following vulnerability plugins have been released and are currently in Tenable Security Center:
Plugin
Title
Severity
197860<https://www.tenable.com/plugins/nessus/197860>
Google Chrome < 125.0.6422.112 Vulnerability
High
197906<https://www.tenable.com/plugins/nessus/197906>
Debian dsa-5697 : chromium - security update
Critical
197861<https://www.tenable.com/plugins/nessus/197861>
Google Chrome < 125.0.6422.112 Vulnerability
High
197948<https://www.tenable.com/plugins/nessus/197948>
openSUSE 15 Security Update : opera (openSUSE-SU-2024:0142-1)
Critical
197287<https://www.tenable.com/plugins/nessus/197287>
Microsoft Edge (Chromium) < 124.0.2478.109 Multiple Vulnerabilities
High

Recommended Actions:


  *   Verify host has not been compromised before applying patches.
  *   Apply appropriate updates provided by vendor to vulnerable systems immediately after appropriate testing.
  *   Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.
  *   Apply the Principle of Least Privilege to all systems and services


[cid:image001.png at 01DAA797.D13FF1A0]
Cyber Security Services
State of Oregon Cyber Security Services
Enterprise Information Services | SOC
Cyber Security Services (CSS)
SOC Hotline: (503) 378-5930 | SOC Services (503) 373-0378
"Ensuring user-friendly, reliable and secure state technology systems that equitably serve Oregonians."


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20240528/8ceb0a6e/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 21907 bytes
Desc: image001.png
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20240528/8ceb0a6e/attachment-0001.png>

More information about the CDP-development mailing list