Severity Rating: HIGH
Software Affected
Google Chrome versions prior to 83.0.4103.97
Google Chrome for IOS prior to 83.0.4103.88
Overview
Multiple vulnerabilities have been reported in Google Chrome that could
allow a remote attacker to execute arbitrary code, conduct spoofing attack,
bypass security restrictions and access sensitive information on the
targeted system.
Description
These vulnerabilities exist in Google Chrome due to use-after-free error
within the Web Authentication and payments component, insufficient
validation of user-supplied input in payments and progress display
component, insufficient policy enforcement in developer tools and Omnibox.
A remote attacker could exploit these vulnerabilities by creating a
specially crafted webpage on the targeted system.
Successful exploitation of these vulnerabilities could allow the attacker
to execute arbitrary code, conduct spoofing attack,bypass security
restrictions and access sensitive information on the targeted system.
Solution
Upgrade to Google Chrome 83.0.4103.97
Upgrade to Google Chrome for IOS 83.0.4103.88
Vendor Information
Google Chrome
https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html
References
Google Chrome
https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html
CVE Name
CVE-2020-6493
CVE-2020-6494
CVE-2020-6495
CVE-2020-6496
CVE-2020-6497
CVE-2020-6498
Software Affected
Google Chrome versions prior to 83.0.4103.97
Google Chrome for IOS prior to 83.0.4103.88
Overview
Multiple vulnerabilities have been reported in Google Chrome that could
allow a remote attacker to execute arbitrary code, conduct spoofing attack,
bypass security restrictions and access sensitive information on the
targeted system.
Description
These vulnerabilities exist in Google Chrome due to use-after-free error
within the Web Authentication and payments component, insufficient
validation of user-supplied input in payments and progress display
component, insufficient policy enforcement in developer tools and Omnibox.
A remote attacker could exploit these vulnerabilities by creating a
specially crafted webpage on the targeted system.
Successful exploitation of these vulnerabilities could allow the attacker
to execute arbitrary code, conduct spoofing attack,bypass security
restrictions and access sensitive information on the targeted system.
Solution
Upgrade to Google Chrome 83.0.4103.97
Upgrade to Google Chrome for IOS 83.0.4103.88
Vendor Information
Google Chrome
https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html
References
Google Chrome
https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html
CVE Name
CVE-2020-6493
CVE-2020-6494
CVE-2020-6495
CVE-2020-6496
CVE-2020-6497
CVE-2020-6498
About Cert Advisory
We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.