Critical Vulnerability in Google Chrome: Use After Free in the Visuals Component (CVE-2024-4671)
The vulnerability, identified as CVE-2024-4671, is considered high-severity with a CVSS score of 9.8. It is related to a "use after free" weakness in the Visuals component, which is responsible for rendering and displaying content in the browser.
No information is available on the attacks exploiting CVE-2024-4671, but Chrome vulnerabilities are often targeted by commercial spyware vendors.
2024-05-10 Initial discovery and coverage:
Holm Security has developed a vulnerability test to check if a vulnerable version is present in the host:
- HID-2-1-5357523 - Google Chrome < 124.0.6367.201 Use After Free Vulnerability
Find out if you are vulnerable
To find out if your environment is vulnerable, you can create a scan profile that specifically looks for the mentioned vulnerability.
https://support.holmsecurity.com/knowledge/how-do-i-include-or-exclude-a-specific-vulnerability-in-a-scan
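
The version threshold in the test title above (Google Chrome < 124.0.6367.201) can also be applied to version banners you have already collected, for example the output of `google-chrome --version`. The following is an added example, not Holm Security's test logic; the hostnames and banners are constructed sample data and the function names are hypothetical.

```python
import re

# Threshold taken from the test title on this page: Google Chrome < 124.0.6367.201
FIXED_VERSION = (124, 0, 6367, 201)

# Four dot-separated integers, as printed by `google-chrome --version`
_VERSION_RE = re.compile(r"(?<![\d.])(\d+)\.(\d+)\.(\d+)\.(\d+)(?![\d.])")


def parse_version(banner):
    """Return the four-part version as a tuple of ints, or None if absent."""
    m = _VERSION_RE.search(banner)
    return tuple(int(p) for p in m.groups()) if m else None


def classify(banner, fixed=FIXED_VERSION):
    """Classify one version banner as 'vulnerable', 'patched' or 'unknown'."""
    version = parse_version(banner)
    if version is None:
        return "unknown"  # do not treat unparsable data as safe
    # Tuple comparison is numeric per component; comparing the raw strings
    # would rank "124.0.6367.91" above "124.0.6367.201".
    return "vulnerable" if version < fixed else "patched"


def triage(inventory):
    """Map hostname -> status for a {hostname: banner} inventory."""
    return {host: classify(banner) for host, banner in inventory.items()}


# Constructed sample inventory (hostnames and banners are made up).
SAMPLE_INVENTORY = {
    "ws-001": "Google Chrome 124.0.6367.91",
    "ws-002": "Google Chrome 124.0.6367.201",
    "ws-003": "Google Chrome 123.0.6312.122",
    "ws-004": "Google Chrome 125.0.6422.60",
    "ws-005": "command not found",
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host}\t{status}")
```

Hosts reported as `unknown` need a follow-up check rather than being counted as patched.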