CVE-2023-7261

Published Jun 7, 2024

Last updated 23 days ago

CVSS high 7.3

Overview

Description
Inappropriate implementation in Google Updator prior to 1.3.36.351 in Google Chrome allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: High)
Source
chrome-cve-admin@google.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.3
Impact score
5.9
Exploitability score
1.3
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-233

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

1

  1. 馃攳 In-House Discovery Released: CVE-2023-7261 馃攳 We鈥檙e excited to announce that Google has now fixed our reported vulnerability, CVE-2023-7261, which allowed Local Privilege Escalation in the Google Chrome Updater via DosDevices. With the update rolled out to users, we are

    @zerozenxlabs

    15 Nov 2024

    1138 Impressions

    2 Retweets

    7 Likes

    6 Bookmarks

    0 Replies

    0 Quotes

References