To fix three new vulnerabilities in its browser, Google has issued updates for Chrome on all major platforms. The search giant published an advisory addressing the high-severity vulnerabilities; the most severe of them leads to arbitrary code execution and, according to the Google development team, is "being exploited in the wild". These vulnerabilities also affect Microsoft's Chromium-based Edge browser and have been addressed in the Microsoft advisory.


The first vulnerability, assigned CVE-2020-6418, is a type confusion vulnerability associated with a side effect in Chrome's V8 engine. V8 is the open-source engine that Chrome and Chromium-based browsers use to run JavaScript. Type confusion occurs when data of one type, or a function pointer, is handed to code that expects a different type and interprets it accordingly.

In this case, according to reports, the attacker uses this concept to set the length of an array to an arbitrary value and thereby gain access to memory on the V8 heap. This can lead to arbitrary code execution within the browser sandbox. Chrome runs with its sandbox enabled by default, so an attacker would need to chain this bug with a sandbox escape in order to take over the device.

The second flaw, tracked as CVE-2020-6407, is an out-of-bounds memory access vulnerability associated with the Streams API, which is used to read and process a resource incrementally, piece by piece.

The third vulnerability, which has not been assigned a CVE, arises from an integer overflow in ICU.

As is its usual practice, Google has not disclosed further details about any of the vulnerabilities, to prevent large-scale exploitation and give users time to update their browsers.


Proof of Concept
A proof-of-concept exploit has been published by researchers from Exodus Intelligence. However, as noted above, it can only be used to execute code within the sandbox.


Affected products
Google Chrome versions before 80.0.3987.122
Microsoft Chromium-based Edge versions before 80.0.361.62
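The affected-product list above is a version threshold, and the common mistake when checking it at scale is comparing version strings lexically (where "80.0.3987.9" sorts after "80.0.3987.122"). The script below is an added example, not SecPod or Google tooling: it parses versions into numeric tuples, compares them against the fixed builds quoted in this advisory, and triages a constructed inventory of hostnames and browser versions. The inventory format and hostnames are assumptions for illustration.

```python
"""Flag Chrome / Chromium-based Edge installs that are below the fixed
builds named in the advisory. Added example; the inventory is constructed."""
import re

# First patched builds, taken from the advisory's "Affected products" list.
FIXED_VERSIONS = {
    "chrome": "80.0.3987.122",
    "edge": "80.0.361.62",
}

# Constructed sample inventory (hostname,product,version), not real hosts.
SAMPLE_INVENTORY = """\
ws-01,chrome,80.0.3987.116
ws-02,chrome,80.0.3987.122
ws-03,edge,80.0.361.57
ws-04,edge,80.0.361.62
ws-05,chrome,79.0.3945.130
ws-06,chrome,80.0.3987.9
"""


def parse_version(version: str) -> tuple:
    """Turn '80.0.3987.122' into (80, 0, 3987, 122).

    Tuples of ints compare element-wise, so 80.0.3987.9 < 80.0.3987.122,
    which a plain string comparison gets wrong. Shorter strings such as
    '80.0' are padded with zeros so they compare against four components.
    """
    version = version.strip()
    if not re.fullmatch(r"\d+(\.\d+){1,3}", version):
        raise ValueError(f"unrecognised version string: {version!r}")
    parts = tuple(int(p) for p in version.split("."))
    return parts + (0,) * (4 - len(parts))


def is_vulnerable(product: str, version: str) -> bool:
    """True if the installed build is older than the fixed build."""
    if product not in FIXED_VERSIONS:
        raise ValueError(f"unknown product: {product!r}")
    return parse_version(version) < parse_version(FIXED_VERSIONS[product])


def triage(inventory_csv: str) -> list:
    """Return (host, product, version) for every entry still needing the update.

    Malformed lines are skipped rather than silently treated as patched, and
    are reported so they can be investigated.
    """
    needs_update = []
    for line in inventory_csv.splitlines():
        if not line.strip():
            continue
        host, product, version = (f.strip() for f in line.split(",", 2))
        try:
            if is_vulnerable(product.lower(), version):
                needs_update.append((host, product.lower(), version))
        except ValueError as err:
            print(f"skipping {host}: {err}")
    return needs_update


if __name__ == "__main__":
    for host, product, version in triage(SAMPLE_INVENTORY):
        print(f"{host}: {product} {version} is below {FIXED_VERSIONS[product]}")
```

Run as-is it reports ws-01, ws-03, ws-05 and ws-06; ws-06 is the case a string comparison would miss. The zero-padding means a bare major version such as "80" is treated as the earliest 80.x build, which errs on the side of flagging a host for follow-up rather than assuming it is patched.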


Impact

These vulnerabilities could allow a remote attacker to execute arbitrary code on the affected systems.


Solution

Please refer to this KB article to apply the patches using SanerNow.


SecPod Saner detects these vulnerabilities and automatically fixes them by applying security updates. Download SanerNow and keep your systems updated and secure.


Article: Google Chrome Zero-Day CVE-2020-6418. Publisher: SecPod Technologies.
