CERT-In warns users of several bugs in Google Chrome, Zoho software



India’s Computer Emergency Response Team (CERT-In), which falls under the Ministry of IT, has warned users about multiple vulnerabilities in Google Chrome that could allow a remote attacker to execute arbitrary code and denial of service (DoS) conditions on the targeted system.

A remote attacker could exploit these vulnerabilities by sending specially crafted requests to the targeted system.

“Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code and denial of service (DoS) conditions on the targeted system,” CERT-In said in the advisory late Wednesday.

These vulnerabilities exist in Google Chrome due to ‘Heap Buffer’ overflow in ‘WebRTC’, ‘Type Confusion in V8’ and ‘Use after Free’ in Chrome OS Shell.

InsectsIANS

The vulnerability (CVE-2022-2294) is being exploited in the wild, the cyber agency said, adding that users were advised to apply patches urgently.

CERT-In also advised users of a reported “Remote Code Execution” vulnerability in software from Zoho Corporation that could be exploited by an unauthenticated remote attacker to execute arbitrary code on the targeted system.

cyber security

cyber securityIANS

The vulnerability exists in “Zoho ManageEngine ADAudit Plus” due to a “misconfigured XML” parser that processes user-supplied input without sufficient validation.

“Successful exploitation of this vulnerability could allow a remote, unauthenticated attacker to execute arbitrary code on the targeted system,” the cyber agency warned, advising users to upgrade to Zoho’s latest security update. “ManageEngine ADAudit Plus”.

Previous Debt Consolidation Market Will See Amazing Growth By 2031 – Designer Women
Next Crush them now, NJ! Destructive Bugs Begin Transformation