Rewterz Threat Alert –AZORult Malware – Active IOCs
August 2, 2021Rewterz Threat Advisory –IBM QRadar User Behavior Analytics Vulnerability
August 3, 2021Rewterz Threat Alert –AZORult Malware – Active IOCs
August 2, 2021Rewterz Threat Advisory –IBM QRadar User Behavior Analytics Vulnerability
August 3, 2021Severity
High
Analysis Summary
CVE-2021-30597
Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in Browser UI. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CVE-2021-30596
Google Chrome could allow a remote attacker to bypass security restrictions, caused by incorrect security UI in Navigation. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.
CVE-2021-30594
Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in Page Info UI. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CVE-2021-30593
Google Chrome could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in Tab Strip. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVE-2021-30592
Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write in Tab Groups. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CVE-2021-30590
Google Chrome is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by Bookmarks. By persuading a victim to visit a specially crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
Impact
- Bypass Security
- Privilege Escalation
Affected Vendors
Affected Products
- Google Chrome 92
Remediation
Upgrade to the latest version of Chrome (92.0.4515.131 or later).