Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
June 2, 2023
Severity High Analysis Summary Shuckworm APT – aka Actinium, Armageddon, Primitive Bear, Gamaredon, and Trident Ursa – is a Russia-backed advanced persistent threat (APT) that has […]June 2, 2023Severity High Analysis Summary StormKitty information stealer is designed to compromise sensitive data from infected systems, such as login credentials, passwords, cryptocurrency wallets, and other valuable […]June 2, 2023Severity High Analysis Summary Tofsee malware has been around since 2016. Once installed on a compromised computer, it can be used to send spam emails and […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
June 2, 2023Severity High Analysis Summary Shuckworm APT – aka Actinium, Armageddon, Primitive Bear, Gamaredon, and Trident Ursa – is a Russia-backed advanced persistent threat (APT) that has […]June 2, 2023Severity High Analysis Summary StormKitty information stealer is designed to compromise sensitive data from infected systems, such as login credentials, passwords, cryptocurrency wallets, and other valuable […]June 2, 2023Severity High Analysis Summary Tofsee malware has been around since 2016. Once installed on a compromised computer, it can be used to send spam emails and […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Rewterz Threat Advisory – Multiple VMware Workspace ONE Access, Identity Manager and vRealize Automation Vulnerabilities
August 3, 2022Rewterz Threat Alert – AveMaria RAT – Active IOCs
August 4, 2022
Severity
High
Analysis Summary
CVE-2022-2605 CVSS:6.5
Google Chrome could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in Dawn. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVE-2022-2604 CVSS:8.8
Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in Safe Browsing. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CVE-2022-2603 CVSS:8.8
Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in Omnibox. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CVE-2022-2624 CVSS:8.8
Google Chrome is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by PDF. By persuading a victim to visit a specially crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVE-2022-2623 CVSS:8.8
Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in Offline. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CVE-2022-2622 CVSS:6.5
Google Chrome could allow a remote attacker to bypass security restrictions, caused by insufficient validation of untrusted input in Safe Browsing.. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.
CVE-2022-2621 CVSS:8.8
Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in Extensions. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CVE-2022-2620 CVSS:8.8
Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in WebUI. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CVE-2022-2619 CVSS:6.5
Google Chrome could allow a remote attacker to bypass security restrictions, caused by insufficient validation of untrusted input in Settings. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.
CVE-2022-2618 CVSS:6.5
Google Chrome could allow a remote attacker to bypass security restrictions, caused by insufficient validation of untrusted input in Internals. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.
CVE-2022-2617 CVSS:8.8
Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in Extensions API. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CVE-2022-2616 CVSS:6.5
Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in Extensions API. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.
CVE-2022-2615 CVSS:6.5
Google Chrome could allow a remote attacker to bypass security restrictions, caused by insufficient policy enforcement in Cookies. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.
CVE-2022-2614 CVSS:8.8
Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in Sign-In Flow. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CVE-2022-2613 CVSS:8.8
Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in Input. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CVE-2022-2612 CVSS:6.5
Google Chrome could allow a remote attacker to obtain sensitive information, caused by side-channel information leakage in Keyboard input. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVE-2022-2611 CVSS:6.5
Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in Fullscreen API. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass security restrictions.
CVE-2022-2609 CVSS:8.8
Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in Nearby Share. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CVE-2022-2608 CVSS:8.8
Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in Nearby Share. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
Impact
- Information Disclosure
- Code Execution
- Buffer Overflow
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2022-2605
- CVE-2022-2604
- CVE-2022-2603
- CVE-2022-2624
- CVE-2022-2623
- CVE-2022-2622
- CVE-2022-2621
- CVE-2022-2620
- CVE-2022-2619
- CVE-2022-2618
- CVE-2022-2617
- CVE-2022-2616
- CVE-2022-2615
- CVE-2022-2614
- CVE-2022-2613
- CVE-2022-2612
- CVE-2022-2611
- CVE-2022-2609
- CVE-2022-2608
Affected Vendors
Affected Products
Google Chrome 104.0
Remediation
Upgrade to the latest version of Chrome, available from the Google Chrome Releases Website.
Google Chrome Releases Website