BACK TO NEWS
CERT Advisories

CISA Flags Actively Exploited CVE-2023-52163 in Chrome Use-After-Free Flaw

2 min readSource: CISA Cybersecurity Advisories
CVE-2023-52163

CISA adds CVE-2023-52163, a use-after-free vulnerability in Google Chrome, to its KEV catalog after confirmed in-the-wild exploitation.

CISA Adds Actively Exploited Chrome Vulnerability to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-52163, a use-after-free vulnerability in Google Chrome, to its Known Exploited Vulnerabilities (KEV) Catalog following evidence of active exploitation in the wild. The addition was announced on December 22, 2024, underscoring the urgency for organizations to address the flaw.

Technical Details

  • CVE ID: CVE-2023-52163
  • Affected Software: Google Chrome (versions prior to 118.0.5993.70)
  • Vulnerability Type: Use-after-free in Chrome’s Site Isolation feature
  • Severity: High (CVSS score pending)
  • Exploitation Status: Confirmed in-the-wild attacks

The flaw stems from improper memory handling in Chrome’s Site Isolation component, which could allow attackers to execute arbitrary code or escape the browser’s sandbox via specially crafted web content. Google patched the vulnerability in October 2023, but unpatched systems remain at risk.

Impact Analysis

CVE-2023-52163 poses a significant threat to enterprises and individuals relying on unpatched Chrome installations. Successful exploitation could lead to:

  • Remote code execution (RCE) within the context of the logged-in user
  • Sandbox escape, enabling broader system compromise
  • Data exfiltration or lateral movement in targeted attacks

Given CISA’s inclusion of the flaw in the KEV catalog, federal agencies and organizations bound by Binding Operational Directive (BOD) 22-01 must apply patches by January 13, 2025, to comply with federal mandates.

Recommendations

  1. Patch Immediately: Update Google Chrome to version 118.0.5993.70 or later.
  2. Audit Systems: Identify and remediate unpatched Chrome instances in enterprise environments.
  3. Monitor for Exploitation: Deploy network and endpoint detection rules to identify potential exploitation attempts.
  4. User Awareness: Educate users on the risks of delayed patching and phishing attacks leveraging this vulnerability.

For further details, refer to CISA’s official alert.

Share

TwitterLinkedIn