CVE-2018-17463
Published: 14 November 2018
Summary
CVE-2018-17463 is a high-severity vulnerability in Google Chrome with an unspecified weakness type. Its CVSS base score is 8.8 (High).
Operationally, it is ranked in the top 0.3% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities (KEV) catalog; and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and SC-18 (Mobile Code).
Deeper analysis
The vulnerability is an incorrect side-effect annotation in the V8 JavaScript engine in Google Chrome versions prior to 70.0.3538.64. The flaw lies in how object operations are handled during just-in-time compilation and optimization, where the wrong annotation can lead to type confusion.
A remote attacker can exploit the issue by serving a specially crafted HTML page to a victim. Successful exploitation grants the ability to execute arbitrary code within the renderer sandbox; the CVSS vector reflects a network attack vector, low attack complexity, no privileges required, and user interaction required.
Chrome stable channel updates and the corresponding Red Hat errata advise an immediate upgrade to version 70.0.3538.64 or later to address the defect. Public references include a detailed Chromium bug report and a proof-of-concept exploit targeting Chrome 67 through 69.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2018-9216
Vulnerability details
Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
- CWE(s): none listed
- KEV Date Added: 08 June 2022
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): directly requires timely installation of the Chrome 70.0.3538.64 patch that corrects the V8 side-effect annotation flaw.
- SC-18 (Mobile Code): establishes usage restrictions and security controls for mobile code (JavaScript) that can limit exposure to the crafted HTML exploit.
- SI-3 (Malicious Code Protection): deploys malicious-code protection mechanisms that can block or alert on renderer exploitation attempts via crafted web content.