Cybersecurity experts have revealed the discovery of six security issues in Google Chrome, one of the world's most popular Internet browsers. Successful exploitation of these traits can create many vicious situations.
Below is a brief description of the reported vulnerabilities, in addition to their scores and tracking keys according to the Common Vulnerability Scoring System (CVSS).
CVE-2020-6493: This is a back-end risk that exists due to an error in the Google Chrome Web authentication feature.
A threatening actor can redirect victims to a malicious website to help them become vulnerable and create a code of opposition to the program.
This error scored 7.7/10, so it is considered a serious difficulty.
CVE-2020-6494: This risk exists due to insufficient confirmation of user inclusion in the Google Chrome payment item. Threatening actors can create a specially designed website, trick the victim into visiting it and lying about its contents.
This is a very serious mistake, as it scored 7.1 / 10 on the CVSS rating.
CVE-2020-6495: This error exists due to inadequate policy implementation of developer tools in Chrome.
A remote giant can redirect victims to websites with malicious content in order to bypass security measures and compromise the affected system.
The error scored 7.7 / 10, so it is considered very serious.
CVE-2020-6496: This error exists due to a usage error after the payment component in Google Chrome.
A remote attacker can create a specially designed webpage, trick the victim into visiting it, create a free-use bug and create an anti-target code.
This error also scored 7.7 / 10 points, so it is considered a high gravity error.
CVE-2020-6497: This risk exists due to the enforcement of Omnibox policy in Google Chrome and allows attackers to bypass security systems in the system.
Hackers can trick a victim into visiting a specially designed website, bypassing security measures and gaining access to sensitive information.
This is a medium-sized risk and a score of 4.7 / 10 on the CVSS scale.
CVE-2020-6498: This error exists due to insufficient verification of user-provided development features shown in Google Chrome.
A remote attacker can create a specially designed website, trick the victim into visiting it, and fake the content of the website.
Error scored 4.7 / 10 on the CVSS scale, so it is considered a medium size error.
Although errors can be used remotely by unverified hackers, there is no point in starting this attack. Google has already released compatible updates, so users should only confirm the installation.
Comments
Post a Comment