CVE-2020-16013
published 2021-01-08CVE-2020-16013: Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML…
PriorityP181high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2022-05-03
Exploited in the wild
EPSS
2.83%
84.8th percentile
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chromium | chromium | >= 0 < 87.0.4280.88-0.1 | 87.0.4280.88-0.1 |
| chromium | chromium | >= 0 < 87.0.4280.88-0.1 | 87.0.4280.88-0.1 |
| chromium | chromium | >= 0 < 87.0.4280.88-0.1 | 87.0.4280.88-0.1 |
| chromium | chromium | >= 0 < 87.0.4280.88-0.1 | 87.0.4280.88-0.1 |
| debian | chromium | < chromium 87.0.4280.88-0.1 (bookworm) | chromium 87.0.4280.88-0.1 (bookworm) |
| chrome | < 86.0.4240.198 | 86.0.4240.198 | |
| chrome | >= unspecified < 86.0.4240.198 | 86.0.4240.198 | |
| chrome_chrome | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →CVE-2020-16013 is an in-the-wild exploited vulnerability (confirmed by Google); detection should prioritize Chrome versions prior to 86.0.4240.198 making outbound connections or rendering crafted HTML pages ↗
- →The vulnerability is an inappropriate implementation in the V8 JavaScript engine (CWE-787 Out-of-bounds Write); monitor for heap corruption triggered via crafted HTML pages delivered remotely ↗
- →Exploit delivery vector is a crafted HTML page; network-level detection should look for suspicious HTML/JS content targeting V8 engine parsing, especially from untrusted or anonymous sources ↗
- →This vulnerability affects multiple Chromium-based browsers (Chrome, Edge, Opera); broaden detection scope beyond Chrome alone ↗
- →Rockwell Automation Connected Components Workbench using CefSharp version 81.3.100 is a known vulnerable embedded-browser deployment; flag this version in OT/ICS environments ↗
- ·Exploits were reported by anonymous sources; no public PoC or exploit code details are available in the sources, limiting signature-based detection specificity ↗
- ·The fix version for Chromium-based browsers is 86.0.4240.198 (Chrome) or 87.0.4280.88 (Debian); detections based on version checks should use these thresholds ↗
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
ghsa8.8HIGH
osv8.8HIGH
vulncheck8.8HIGH
cisa8.8HIGH
vendor_debian8.8HIGH
vendor_redhat8.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Rockwell Automation Connected Components Workbench
cisa_ics·2023-09-21·CVSS 9.6
[CRITICAL] Rockwell Automation Connected Components Workbench
ICS Advisory
##
Rockwell Automation Connected Components Workbench
Release DateSeptember 21, 2023
Alert CodeICSA-23-264-05
## View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.6
- ATTENTION: Exploitable remotely/low attack complexity/public exploits are available/known public exploitation
- Vendor: Rockwell Automation
- Equipment: Connected Components Workbench
- Vulnerabilities: Use After Free, Out-of-bounds Write
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to exploit heap corruption via a crafted HTML.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of Rockwell Automation Connected Components Workbench Smart Security Manager are affected:
- Connected Components Workbench: versions
CISA
Google Chromium V8 Incorrect Implementation Vulnerabililty
cisa·2021-11-03·CVSS 8.8
CVE-2020-16013 [HIGH] CWE-787 Google Chromium V8 Incorrect Implementation Vulnerabililty
Vulnerability: Google Chromium V8 Incorrect Implementation Vulnerabililty
Affected: Google Chromium V8
Google Chromium V8 Engine contains an inappropriate implementation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2020-16013
Remediation Due Date: 2022-05-03
Red Hat
chromium-browser: Inappropriate implementation in V8
vendor_redhat·2020-11-11·CVSS 8.8
CVE-2020-16013 [HIGH] CWE-358 chromium-browser: Inappropriate implementation in V8
chromium-browser: Inappropriate implementation in V8
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Chrome
Stable Channel Update for Desktop: CVE-2020-16013
vendor_chrome·2020-11-11·CVSS 8.8
CVE-2020-16013 [HIGH] Stable Channel Update for Desktop: CVE-2020-16013
Stable Channel Update for Desktop
CVE-2020-16013: Inappropriate implementation in V8. Reported by Anonymous on 2020-11-09 [$TBD][ 1146709 ] High CVE-2020-16017: Use after free in site isolation
Reported by Anonymous on 2020-11-07 Google is aware of reports that exploits for CVE-2020-16013 and CVE-2020-16017 exist in the wild
Severity: high
Debian
CVE-2020-16013: chromium - Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allow...
vendor_debian·2020·CVSS 8.8
CVE-2020-16013 [HIGH] CVE-2020-16013: chromium - Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allow...
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 87.0.4280.88-0.1)
bullseye: resolved (fixed in 87.0.4280.88-0.1)
forky: resolved (fixed in 87.0.4280.88-0.1)
sid: resolved (fixed in 87.0.4280.88-0.1)
trixie: resolved (fixed in 87.0.4280.88-0.1)
OSV
CVE-2020-16013: Inappropriate implementation in V8 in Google Chrome prior to 86
osv·2021-01-08·CVSS 8.8
CVE-2020-16013 [HIGH] CVE-2020-16013: Inappropriate implementation in V8 in Google Chrome prior to 86
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
OSV
Use after free in CefSharp
osv·2020-11-27·CVSS 8.8
CVE-2020-16017 [HIGH] Use after free in CefSharp
Use after free in CefSharp
CVE-2020-16017: Use after free in site isolation
- https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_11.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16017
Google is aware of reports that exploits for CVE-2020-16013 and CVE-2020-16017 exist in the wild.
There is currently little to no public information on the issue other than it has been flagged as `High` severity.
GHSA
Inappropriate implementation in V8 in CefSharp
ghsa·2020-11-27·CVSS 8.8
CVE-2020-16013 [HIGH] CWE-119 Inappropriate implementation in V8 in CefSharp
Inappropriate implementation in V8 in CefSharp
High CVE-2020-16013: Inappropriate implementation in V8.
- https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_11.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16013
Google is aware of reports that exploits for CVE-2020-16013 and CVE-2020-16017 exist in the wild.
There is currently little to no public information on the issue other than it has been flagged as `High` severity.
GHSA
Use after free in CefSharp
ghsa·2020-11-27·CVSS 8.8
CVE-2020-16017 [HIGH] CWE-416 Use after free in CefSharp
Use after free in CefSharp
CVE-2020-16017: Use after free in site isolation
- https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_11.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16017
Google is aware of reports that exploits for CVE-2020-16013 and CVE-2020-16017 exist in the wild.
There is currently little to no public information on the issue other than it has been flagged as `High` severity.
OSV
Inappropriate implementation in V8 in CefSharp
osv·2020-11-27·CVSS 8.8
CVE-2020-16013 [HIGH] Inappropriate implementation in V8 in CefSharp
Inappropriate implementation in V8 in CefSharp
High CVE-2020-16013: Inappropriate implementation in V8.
- https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_11.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16013
Google is aware of reports that exploits for CVE-2020-16013 and CVE-2020-16017 exist in the wild.
There is currently little to no public information on the issue other than it has been flagged as `High` severity.
VulnCheck
Google Chromium V8 Incorrect Implementation Vulnerabililty
vulncheck·2020·CVSS 8.8
CVE-2020-16013 [HIGH] CWE-787 Google Chromium V8 Incorrect Implementation Vulnerabililty
Google Chromium V8 Incorrect Implementation Vulnerabililty
Google Chromium V8 Engine contains an inappropriate implementation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Affected: Google Chromium V8
Required Action: Apply updates per vendor instructions.
Exploitation References: https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
Remediation Due: 2022-05-03
No detection rules found.
No public exploits indexed.
Qualys
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR | Qualys
blogs_qualys·2022-02-23
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR | Qualys
#### Table of Contents
- Situation
- Directive Scope
- CISA Catalog of Known Exploited Vulnerabilities
- Detect CISA Vulnerabilities Using Qualys VMDR
- CISA Exploited RTI
- Detailed Operational Dashboard
- Remediation
- Federal Enterprises and Agencies Can Act Now
- Summary
- Getting Started
CISA released a directive in November 2021, recommending urgent and prioritized remediation of actively exploited vulnerabilities. Both government agencies and corporations should heed this advice. This blog outlines how Qualys Vulnerability Management, Detection & Response can be used by any organization to respond to this directive efficiently and effectively.
## Situation
Last November 2021, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a Binding Operational Directiv
Tenable
CVE-2021-21148: Google Chrome Heap Buffer Overflow Vulnerability Exploited in the Wild
blogs_tenable·2021-02-05·CVSS 8.8
[HIGH] CVE-2021-21148: Google Chrome Heap Buffer Overflow Vulnerability Exploited in the Wild
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Checkpoint
16th November – Threat Intelligence Bulletin
blogs_checkpoint·2020-11-16
CVE-2020-16013 16th November – Threat Intelligence Bulletin
Latest Publications
CPR Podcast Channel
AI Research
Web 3.0 Security
Intelligence Reports
ThreatCloud AI
Threat Intelligence & Research
Zero Day Protection
Sandblast File Analysis
About Us
SUBSCRIBE
2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
## 16th November – Threat Intelligence Bulletin
For the latest discoveries in cyber research for the week of 16th November, please download our Threat Intelligence Bulletin .
Top Attacks and Breaches
Check Point Research has further investigated the newly revealed ‘Pay2Key’ ransomware, tracing several ransom payments to an Iranian cryptocurrency exchange, and concluded that the malware, which focuses on Israeli organizations, is most likely of Iranian origin.
Check Point SandBlast Agent provides protection agains
https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_11.htmlhttps://crbug.com/1147206https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_11.htmlhttps://crbug.com/1147206https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-16013
2021-01-08
Published
2021-11-03
Added to CISA KEV
Exploited in the wild