CVE-2021-21193
published 2021-03-16

CVE-2021-21193: Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Priority: P1 · 82 · high
CVSS 3.1: 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CISA Known Exploited Vulnerability (KEV), remediation due 2021-11-17
Exploited in the wild (ITW)
EPSS: 9.87% (95.0th percentile)

Affected

11 ranges

Vendor          Product          Version range                           Fixed in
chromium        chromium         >= 0, < 89.0.4389.90-1                  89.0.4389.90-1
chromium        chromium         >= 0, < 89.0.4389.90-1                  89.0.4389.90-1
chromium        chromium         >= 0, < 89.0.4389.90-1                  89.0.4389.90-1
chromium        chromium         >= 0, < 89.0.4389.90-1                  89.0.4389.90-1
debian          chromium         < chromium 89.0.4389.90-1 (bookworm)    chromium 89.0.4389.90-1 (bookworm)
debian          debian_linux
fedoraproject   fedora
google          chrome           < 89.0.4389.90                          89.0.4389.90
google          chrome           >= unspecified, < 89.0.4389.90          89.0.4389.90
google          chrome_chrome
msrc            microsoft_edge

Detection & IOCs (extracted from sources)

  • CVE-2021-21193 is confirmed exploited in the wild (CISA KEV); flag Google Chrome versions prior to 89.0.4389.90 and Microsoft Edge (Chromium-based) versions prior to 89.0.774.54 in use on endpoints
  • The vulnerability resides in the Blink rendering engine; network/proxy logs showing crafted HTML page delivery to unpatched Chromium-based browsers (Chrome < 89.0.4389.90, Edge < 89.0.774.54) should be treated as suspicious
  • Prioritize patching across all Chromium-based browsers (Chrome, Edge, Opera) as all are potentially affected by this Blink use-after-free
  • No public proof-of-concept or exploit payload details are available in the sources; the attack vector is a crafted HTML page delivered remotely, but no specific IOC (hash, URL, domain) for the exploit has been published in those sources

CVSS provenance

Source          Version   Score   Severity   Vector
nvd             v3.1      8.8     HIGH       CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd             v2.0      6.8     MEDIUM     AV:N/AC:M/Au:N/C:P/I:P/A:P
osv                       8.8     HIGH
vulncheck                 8.8     HIGH
cisa                      8.8     HIGH
vendor_debian             8.8     HIGH
vendor_msrc               8.8     HIGH