| Severity Rating | HIGH |
| Software Affected | Google Chrome Version prior to 89.0.4389.90 |
Overview:
Multiple vulnerabilities have been reported in Google chrome which could be exploited by an attacker to execute arbitrary code on the targeted system.
Description:
Multiple vulnerabilities exist in Google Chrome due to Use after free in WebRTC, Blink and Heap buffer overflow in tab groups. An attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted website. Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code on the targeted system.
Solution
Upgrade to Google chrome version 89.0.4389.90
https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_12.html
Vendor Information
Google Chrome: https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_12.html
CVE Name
CVE-2021-21191
CVE-2021-21192
CVE-2021-21193
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Note: Any unusual activity or attack should be reported immediately at incident@cert-in.org.in, cert.ksitm@kerala.gov.in with the relevant logs for analysis and taking further appropriate actions.