CVE-2023-2033
published 2023-04-14CVE-2023-2033: Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page…
PriorityP188high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
KEVITWEXPLOIT
CISA Known Exploited Vulnerabilitydue 2023-05-08
Exploited in the wild
EPSS
40.80%
98.5th percentile
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chromium | chromium | >= 0 < 112.0.5615.121-1~deb11u1 | 112.0.5615.121-1~deb11u1 |
| chromium | chromium | >= 0 < 112.0.5615.121-1 | 112.0.5615.121-1 |
| chromium | chromium | >= 0 < 112.0.5615.121-1 | 112.0.5615.121-1 |
| chromium | chromium | >= 0 < 112.0.5615.121-1 | 112.0.5615.121-1 |
| couchbase | couchbase_server | < 7.1.5 | 7.1.5 |
| couchbase | couchbase_server | — | — |
| debian | chromium | < chromium 112.0.5615.121-1 (bookworm) | chromium 112.0.5615.121-1 (bookworm) |
| debian | debian_linux | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| chrome | < 112.0.5615.121 | 112.0.5615.121 | |
| chrome | >= 112.0.5615.121 < 112.0.5615.121 | 112.0.5615.121 | |
| chrome_chrome | — | — | |
| msrc | microsoft_edge | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Exploitation vector is a specially crafted HTML page targeting the V8 JavaScript engine's ErrorCaptureStackTrace function via type confusion; monitor for suspicious HTML/JS delivering malformed objects to this function ↗
- →The exploit is in-the-wild; treat any unpatched Chrome/Edge (Chromium-based) instance below version 112.0.5615.121 as actively at risk ↗
- →Affected browsers include Google Chrome, Microsoft Edge (Chromium-based), and Opera — scope detection/patching to all Chromium-based browsers, not just Chrome ↗
- →Monitor for abuse of the V8 ErrorCaptureStackTrace function with non-Error object arguments as an indicator of exploitation attempt ↗
- ·Vulnerable version threshold: all Google Chrome versions prior to 112.0.5615.121 are affected across Windows, Mac, and Linux ↗
- ·CISA mandated remediation deadline was 2023-05-08; any environment still running pre-patch Chromium browsers is in violation of KEV requirements ↗
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv8.8HIGH
vulncheck8.8HIGH
cisa8.8HIGH
vendor_debian8.8HIGH
vendor_msrc8.8CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-5gxv-52gp-vmhp: Type confusion in V8 in Google Chrome prior to 112
ghsa_unreviewed·2023-04-14
CVE-2023-2033 [HIGH] CWE-843 GHSA-5gxv-52gp-vmhp: Type confusion in V8 in Google Chrome prior to 112
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
OSV
CVE-2023-2033: Type confusion in V8 in Google Chrome prior to 112
osv·2023-04-14·CVSS 8.8
CVE-2023-2033 [HIGH] CVE-2023-2033: Type confusion in V8 in Google Chrome prior to 112
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
VulnCheck
Google Chromium V8 Type Confusion Vulnerability
vulncheck·2023·CVSS 8.8
CVE-2023-2033 [HIGH] CWE-843 Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Affected: Google Chromium V8
Required Action: Apply updates per vendor instructions.
Exploitation References: https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json; https://securelist.com/it-threat-evolution-q2-2023-non-mobile-statistics/110413/; https://ti.qianxin.com/uploads/2024/02/02/dcc93e586f9028c68e7ab34c3326f
Chrome
Long Term Support Channel Update for ChromeOS: CVE-2023-2033
vendor_chrome·2023-04-27·CVSS 8.8
CVE-2023-2033 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-2033
Long Term Support Channel Update for ChromeOS
CVE-2023-2033
CISA
Google Chromium V8 Type Confusion Vulnerability
cisa·2023-04-17·CVSS 8.8
CVE-2023-2033 [HIGH] CWE-843 Google Chromium V8 Type Confusion Vulnerability
Vulnerability: Google Chromium V8 Type Confusion Vulnerability
Affected: Google Chromium V8
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action: Apply updates per vendor instructions.
Notes: https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_14.html; https://nvd.nist.gov/vuln/detail/CVE-2023-2033
Remediation Due Date: 2023-05-08
Microsoft
Chromium: CVE-2023-2033 Type Confusion in V8
vendor_msrc·2023-04-11·CVSS 8.8
CVE-2023-2033 [HIGH] Chromium: CVE-2023-2033 Type Confusion in V8
Chromium: CVE-2023-2033 Type Confusion in V8
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Google is aware that an exploit for CVE-2023-2033 exists in the wild.
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
Cl
Debian
CVE-2023-2033: chromium - Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote a...
vendor_debian·2023·CVSS 8.8
CVE-2023-2033 [HIGH] CVE-2023-2033: chromium - Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote a...
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 112.0.5615.121-1)
bullseye: resolved (fixed in 112.0.5615.121-1~deb11u1)
forky: resolved (fixed in 112.0.5615.121-1)
sid: resolved (fixed in 112.0.5615.121-1)
trixie: resolved (fixed in 112.0.5615.121-1)
No detection rules found.
No public exploits indexed.
Mandiant
Intellexa’s Prolific Zero-Day Exploits Continue
blogs_mandiant·2025-12-03
Intellexa’s Prolific Zero-Day Exploits Continue
Threat Intelligence
# Sanctioned but Still Spying: Intellexa’s Prolific Zero-Day Exploits Continue
December 3, 2025
##### Google Threat Intelligence Group
##### Google Threat Intelligence
Visibility and context on the threats that matter most.
Contact Us & Get a Demo
### Introduction
Despite extensive scrutiny and public reporting, commercial surveillance vendors continue to operate unimpeded. A prominent name continues to surface in the world of mercenary spyware, Intellexa. Known for its “Predator” spyware, the company was sanctioned by the US Government. New Google Threat Intelligence Group (GTIG) analysis shows that Intellexa is evading restrictions and thriving.
Intellexa has adapted, evaded restrictions, and continues selling digital weapons to the highest bidders. Alongside
Mandiant
Sanctioned but Still Spying: Intellexa’s Prolific Zero-Day Exploits Continue
blogs_mandiant·2025-12-03
Sanctioned but Still Spying: Intellexa’s Prolific Zero-Day Exploits Continue
## Sanctioned but Still Spying: Intellexa’s Prolific Zero-Day Exploits Continue
## Google Threat Intelligence Group
## Google Threat Intelligence
Visibility and context on the threats that matter most.
## Introduction
Despite extensive scrutiny and public reporting , commercial surveillance vendors continue to operate unimpeded. A prominent name continues to surface in the world of mercenary spyware, Intellexa. Known for its “Predator” spyware, the company was sanctioned by the US Government . New Google Threat Intelligence Group (GTIG) analysis shows that Intellexa is evading restrictions and thriving .
Intellexa has adapted, evaded restrictions, and continues selling digital weapons to the highest bidders. Alongside research published by our colleagues from Recorded Future and Amne
Bleepingcomputer
Google fixes first actively exploited Chrome zero-day of 2024
blogs_bleepingcomputer·2024-01-16·CVSS 8.8
CVE-2024-0519 [HIGH] Google fixes first actively exploited Chrome zero-day of 2024
## Google fixes first actively exploited Chrome zero-day of 2024
## Sergiu Gatlan
Although Google says the security update could take days or weeks to reach all impacted users, it was available immediately when BleepingComputer checked for updates today.
Those who prefer not to update their web browser manually can rely on Chrome to automatically check for new updates and install them after the next launch.
The high-severity zero-day vulnerability ( CVE-2024-0519 ) is due to a high-severity out-of-bounds memory access weakness in the Chrome V8 JavaScript engine, which remote attackers can exploit via a crafted HTML page to gain access to data beyond the memory buffer through heap corruption, providing them access to sensitive information or triggering a crash.
"The expected sentinel
Bleepingcomputer
Google fixes 8th Chrome zero-day exploited in attacks this year
blogs_bleepingcomputer·2023-12-20·CVSS 8.8
[HIGH] Google fixes 8th Chrome zero-day exploited in attacks this year
## Google fixes 8th Chrome zero-day exploited in attacks this year
## Sergiu Gatlan
The bug was discovered and reported by Clément Lecigne and Vlad Stolyarov of Google's Threat Analysis Group (TAG), a collective of security experts whose primary goal is to defend Google customers from state-sponsored attacks.
Google's Threat Analysis Group (TAG) frequently discovers zero-day bugs exploited by government-sponsored threat actors in targeted attacks aiming to deploy spyware on the devices of high-risk individuals, including opposition politicians, dissidents, and journalists.
Even though the security update could take days or weeks to reach all users, according to Google, it was available immediately when BleepingComputer checked for updates earlier today.
Individuals who prefer not t
Bleepingcomputer
Google Chrome emergency update fixes 7th zero-day exploited in 2023
blogs_bleepingcomputer·2023-11-28·CVSS 9.6
[CRITICAL] Google Chrome emergency update fixes 7th zero-day exploited in 2023
## Google Chrome emergency update fixes 7th zero-day exploited in 2023
## Sergiu Gatlan
The vulnerability has been addressed in the Stable Desktop channel, with patched versions rolling out globally to Windows users (119.0.6045.199/.200) and Mac and Linux users (119.0.6045.199).
Although the advisory notes that the security update may take days or weeks to reach the entire user base, it was available immediately when BleepingComputer checked for updates earlier today.
Users who don't want to update manually can rely on the web browser to check for new updates automatically and install them after the next launch.
## Likely exploited in spyware attacks
This high-severity zero-day vulnerability stems from an integer overflow weakness within the Skia open-source 2D graphics library, pos
Sentinelone
Beyond the WebP Flaw | An In-depth Look at 2023's Browser Security Challenges
blogs_sentinelone·2023-10-03
Beyond the WebP Flaw | An In-depth Look at 2023's Browser Security Challenges
This week, Firefox users were urged to apply Mozilla’s latest updates against a critical flaw that could allow attackers to take control of affected systems. It follows hard on the heels of similar updates for Microsoft Edge, Google Chrome, and Apple’s Safari browser. All have been heavily impacted by an actively exploited vulnerability in the WebP code library.
Although the WebP vulnerability affects other software as well, browsers are by far and away the most ubiquitous and widely used applications on end user devices . Having a foothold in a compromised browser gives threat actors access to sensitive information and potential avenues into targeted environments.
In this post, we take a deep dive into browser security , exploring the differences between vulnerabilities and exploits, ze
Sentinelone
Beyond the WebP Flaw | An In-depth Look at 2023's Browser Security Challenges
blogs_sentinelone·2023-10-03
Beyond the WebP Flaw | An In-depth Look at 2023's Browser Security Challenges
This week, Firefox users were urged to apply Mozilla’s latest updates against a critical flaw that could allow attackers to take control of affected systems. It follows hard on the heels of similar updates for Microsoft Edge, Google Chrome, and Apple’s Safari browser. All have been heavily impacted by an actively exploited vulnerability in the WebP code library.
Although the WebP vulnerability affects other software as well, browsers are by far and away the most ubiquitous and widely used applications on end user devices. Having a foothold in a compromised browser gives threat actors access to sensitive information and potential avenues into targeted environments.
In this post, we take a deep dive into browser security, exploring the differences between vulnerabilities and exploits, zero
Securelist
IT threat evolution in Q2 2023. Non-mobile statistics
blogs_securelist·2023-08-30
IT threat evolution in Q2 2023. Non-mobile statistics
Table of Contents
Quarterly figures
Financial threats
Financial threat statistics
Geography of financial malware attacks
Ransomware programs
Quarterly trends and highlights
MOVEit Transfer vulnerabilities exploited
Attacks on municipal organizations, educational and healthcare establishments
Most prolific groups
Number of new modifications
Number of users attacked by ransomware Trojans
Geography of attacked users
TOP 10 most common families of ransomware Trojans
Miners
Number of new miner modifications
Number of users attacked by miners
Geography of miner attacks
Vulnerable applications used by criminals during cyberattacks
Quarterly highlights
Vulnerability statistics
Attacks on macOS
Geography of threats for macOS
IoT attacks
IoT threat statistics
Attacks on IoT
Securelist
PC malware statistics, Q2 2022
blogs_securelist·2023-08-30
PC malware statistics, Q2 2022
Table of Contents
- Quarterly figures
- Financial threats
- Ransomware programs
- Most prolific groups
- Miners
- Vulnerable applications used by criminals during cyberattacks
- Attacks on macOS
- IoT attacks
- Attacks on IoT honeypots
- Attacks via web resources
- Local threats
Authors
- AMR
- IT threat evolution in Q2 2023
- IT threat evolution in Q2 2023. Non-mobile statistics
- IT threat evolution in Q2 2023. Mobile statistics
These statistics are based on detection verdicts of Kaspersky products and services received from users who consented to providing statistical data.
## Quarterly figures
According to Kaspersky Security Network, in Q2 2023:
- Kaspersky solutions blocked 801,934,281 attacks from online resources across the globe.
- A total of 209,716,810 unique links were d
Sentinelone
CVE-2023-2033: Google Chrome Patch Addresses Zero-day Vulnerability
blogs_sentinelone·2023-04-24·CVSS 8.8
CVE-2023-2033 [HIGH] CVE-2023-2033: Google Chrome Patch Addresses Zero-day Vulnerability
In a recent event, Google released an emergency security update to address a zero-day vulnerability in the Chromium-based browser. The vulnerability, CVE-2023-2033, is a type confusion issue in the V8 JavaScript engine used by Chromium Open Source Software (OSS), which is consumed by browsers like Google Chrome, Microsoft Edge (Chromium-based), etc. This vulnerability could allow attackers to execute remote code and gain unauthorized access to sensitive information. In this blog post, we will delve deeper into what type confusion vulnerability is and provide details on the CVE-2023-2033 vulnerability.
The vulnerability has a CVSS score of 8.8, classified as HIGH.
## What is type confusion vulnerability?
Type confusion vulnerability happens when code lacks type-checking by not verifying
Sentinelone
CVE-2023-2033: Google Chrome Patch Addresses Zero-day Vulnerability
blogs_sentinelone·2023-04-24·CVSS 8.8
CVE-2023-2033 [HIGH] CVE-2023-2033: Google Chrome Patch Addresses Zero-day Vulnerability
In a recent event, Google released an emergency security update to address a zero-day vulnerability in the Chromium-based browser. The vulnerability, CVE-2023-2033, is a type confusion issue in the V8 JavaScript engine used by Chromium Open Source Software (OSS), which is consumed by browsers like Google Chrome, Microsoft Edge (Chromium-based), etc. This vulnerability could allow attackers to execute remote code and gain unauthorized access to sensitive information. In this blog post, we will delve deeper into what type confusion vulnerability is and provide details on the CVE-2023-2033 vulnerability.
The vulnerability has a CVSS score of 8.8, classified as HIGH.
## What is type confusion vulnerability?
Type confusion vulnerability happens when code lacks type-checking by not verifying
Sentinelone
Avoiding the Storm | How to Protect Cloud Infrastructure from Insider Threats
blogs_sentinelone·2023-04-20
Avoiding the Storm | How to Protect Cloud Infrastructure from Insider Threats
One of the most significant security threats to cloud infrastructure is insider threats . As more businesses move to cloud and hybrid environments, employees sending sensitive data to unsecured or misconfigured clouds risk exposing their organization to advanced cyber threats and opportunistic attackers.
The importance of cloud infrastructure to businesses of all sizes along with the privileged access that insiders often have mean that mitigating the risk of insider threats is now high on the list of priorities for mature security teams. In this post, we describe and explore best practices that security teams can implement to safeguard cloud infrastructures from insider threats .
## Why Are Insiders Considered a Main Risk to Cloud?
Whether out of negligence or presenting malicious inten
https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_14.htmlhttps://crbug.com/1432210https://lists.fedoraproject.org/archives/list/[email protected]/message/4AOSGAOPXLBK4A5ZRTVZ4M6QKVLSWMWG/https://lists.fedoraproject.org/archives/list/[email protected]/message/ES2CDRHR2Y4WY6DNDIAPYZFXJU3ZBFAV/https://lists.fedoraproject.org/archives/list/[email protected]/message/FEJZMAUB4XP44HSHEBDWEKFGA7DUHY42/https://lists.fedoraproject.org/archives/list/[email protected]/message/IHHD6KNH4WLUE6JG6HRQZWNAJMHJ32X7/https://lists.fedoraproject.org/archives/list/[email protected]/message/RJQI63HWZFL6M26Q6UOHKDY6LD2PFC5Z/https://lists.fedoraproject.org/archives/list/[email protected]/message/SLO7BL2MHZYPY6O3OAEAQL3SKYMGGO6M/https://security.gentoo.org/glsa/202309-17https://www.couchbase.com/alerts/https://www.debian.org/security/2023/dsa-5390https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_14.htmlhttps://crbug.com/1432210https://lists.fedoraproject.org/archives/list/[email protected]/message/4AOSGAOPXLBK4A5ZRTVZ4M6QKVLSWMWG/https://lists.fedoraproject.org/archives/list/[email protected]/message/ES2CDRHR2Y4WY6DNDIAPYZFXJU3ZBFAV/https://lists.fedoraproject.org/archives/list/[email protected]/message/FEJZMAUB4XP44HSHEBDWEKFGA7DUHY42/https://lists.fedoraproject.org/archives/list/[email protected]/message/IHHD6KNH4WLUE6JG6HRQZWNAJMHJ32X7/https://lists.fedoraproject.org/archives/list/[email protected]/message/RJQI63HWZFL6M26Q6UOHKDY6LD2PFC5Z/https://lists.fedoraproject.org/archives/list/[email protected]/message/SLO7BL2MHZYPY6O3OAEAQL3SKYMGGO6M/https://security.gentoo.org/glsa/202309-17https://www.couchbase.com/alerts/https://www.debian.org/security/2023/dsa-5390https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-2033
2023-04-14
Published
2023-04-17
Added to CISA KEV
Exploited in the wild