Google and Firefox fixes Zero-Day Flaw Exploited in the Wild

Threat Level

Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

A zero-day vulnerability, CVE-2023-5217, is actively exploited and has been patched in both Google Chrome and Firefox browsers. CVE-2023-5217 is a Heap buffer overflow vulnerability discovered in the vp8 encoding component of libvpx, which has the potential to allow the execution of arbitrary code on the targeted system. Additionally, Google addressed multiple security issues including CVE-2023-5186, CVE-2023-5187, and CVE-2023-5217. All CVE-2023-5186, CVE-2023-5187 and CVE-2023-5217 are use-after-free flaws and they could also lead to arbitrary code execution.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.

Google and Firefox fixes Zero-Day Flaw Exploited in the Wild

Threat Level

Vulnerability Report

Summary

ZenRAT Targeting Windows Users Through Fake Bitwarden Installs

BlackTech: China-Linked Cyber Actors Exploit Router Firmware

Recent Posts