1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Google Chromium V8 Heap Buffer Overflow Vulnerability

Known Exploited Vulnerabilities CVE-2021-21148

Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2021-21148 Google Chromium V8 Heap Buffer Overflow Vulnerability exploitation_technique T1059.007 JavaScript
Comments
CVE-2021-21148 allows an adversary to use JavaScript to exploit the Chromium browser V8 JavaScript engine which allows for a write into the heap.
References
  1. https://threatprotect.qualys.com/2021/02/08/google-chrome-heap-buffer-overflow-vulnerability-cve-2021-21148/
  2. https://www.tenable.com/blog/cve-2021-21148-google-chrome-heap-buffer-overflow-vulnerability-exploited-in-the-wild
CVE-2021-21148 Google Chromium V8 Heap Buffer Overflow Vulnerability primary_impact T1203 Exploitation for Client Execution
Comments
CVE-2021-21148 allows an adversary to use JavaScript to exploit the Chromium browser V8 JavaScript engine which allows for a write into the heap.
References
  1. https://www.tenable.com/blog/cve-2021-21148-google-chrome-heap-buffer-overflow-vulnerability-exploited-in-the-wild
  2. https://threatprotect.qualys.com/2021/02/08/google-chrome-heap-buffer-overflow-vulnerability-cve-2021-21148/