Google Chromium V8 Type Confusion Vulnerability

Prior to version 114.0.5735.110 of Google Chrome, the V8 JavaScript engine included a type misunderstanding that led to the very serious vulnerability known as CVE-2023-3079. Through a designed HTML page, the vulnerability may allow the programme to incorrectly understand the data type it is managing, potentially resulting in heap corruption. This vulnerability might be used by an attacker to gain unauthorised access to the system and disclose information. For Chrome versions 114.0.5735.106 for Mac and Linux and 114.0.5735.110 for Windows, Google has published a remedy for this vulnerability. On June 7, 2023, the flaw was added to CISA’s list of known exploited vulnerabilities. This CVE’s records were created on June 2, 2023. As of June 6, 2023, the flaw was being used in the wild.

 

Root Cause Analysis:

The faulty error message processing in the CGI programme is the primary cause of the OS command injection vulnerability found in different Zyxel firewall versions. By sending specially crafted packets to a vulnerable device, this vulnerability enables the remote execution of specific OS commands by an unauthenticated attacker. In some cases, the “chg_exp_pwd” CGI programme’s absence of input string validation is what leads to the vulnerability. Numerous Zyxel products are impacted by the flaw, including ATP, USG Flex, VPN, and ZyWALL/USG. Users are advised to apply the patches as soon as possible to ensure the greatest level of protection since Zyxel has released them to address the vulnerability.

 

Impact:

The impact of CVE-2023-3079 are substantial. At this time, the vulnerability is classified as having significant severity. It is deemed to be extremely serious and has the potential to cause type confusion, which might allow the program to interpret the data type it is managing incorrectly, perhaps resulting in heap corruption through a specially constructed HTML page. This issue might be used by an attacker to enter a system without authorization and disclose information. The flaw might allow for the execution of arbitrary code. The existence of a CVE-2023-3079 exploit in the wild is known to Google. As of June 6, 2023, the flaw was being actively exploited. To reduce the risk, it’s crucial to upgrade to Chrome Version 114.0.5735.110 for Windows, Chrome Version 114.0.5735.106 for Mac and Linux, or Microsoft Edge Stable Channel (Version 114.0.1823.41).

 

Affected Software’s:

The following software versions are affected by CVE-2023-3079:

  • Google Chrome prior to version 114.0.5735.110
  • Microsoft Edge Stable Channel (Version 114.0.1823.41)

Upgrade to Chrome Version 114.0.5735.110 for Windows, 114.0.5735.106 for Mac and Linux, or Microsoft Edge Stable Channel (Version 114.0.1823.41) in order to reduce the risk of exploitation.

 

Detection and Response:

To identify CVE-2023-3079, users should ensure that their Chrome and Edge versions are up to date with the latest security fixes. Google has issued a patch to address the vulnerability, while Microsoft has also issued a patch for CVE-2023-3079 to Microsoft Edge Stable Channel. Attackers have exploited the vulnerability, and Google is aware that an exploit for CVE-2023-3079 exists in the wild. It should be noted that the vulnerability has been rated as critical. A type misunderstanding in the V8 JavaScript engine causes the vulnerability, which allows a remote attacker to possibly exploit heap corruption through a forged HTML page.

The best method to respond to the discovery of CVE-2023-3079 is to ensure that your Chrome and Edge browsers are up to date with the latest security fixes. Google has issued a patch to address the vulnerability, while Microsoft has also issued a patch for CVE-2023-3079 to Microsoft Edge Stable Channel. Attackers have exploited the vulnerability, and Google is aware that an exploit for CVE-2023-3079 exists in the wild. The flaw has been classed as critical. A type misunderstanding in the V8 JavaScript engine causes the vulnerability, which allows a remote attacker to possibly exploit heap corruption through a forged HTML page. Users are urged to update their Google Chrome browser to the most recent version, which is 114.0.5735.110 for Windows and version 114.0.5735.106 for macOS and Linux. Chromium-based browsers such as Opera, Brave, and Microsoft Edge will also require patching.

 

Recommendation:

  1. Check the version of Chrome and Edge browsers to ensure they have the most recent security fixes.

 

  1. Update your Google Chrome browser to the most recent version, which is 114.0.5735.110 for Windows and 114.0.5735.106 for macOS and Linux.

 

  1. Patching will also be required for Chromium-based browsers such as Opera, Brave, and Microsoft Edge.

 

  1. Organization should be aware that the CVE-2023-3079 exploit is active in the wild.

 

  1. To make sure you are protected against the most recent threats, regularly check for security updates for your browser and other applications.