1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Google Chromium Blink Use-After-Free Vulnerability

Known Exploited Vulnerabilities CVE-2021-21206

Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2021-21206 Google Chromium Blink Use-After-Free Vulnerability exploitation_technique T1203 Exploitation for Client Execution
Comments
CVE-2021-21206 allows an adversary to use JavaScript to exploit the Blink rendering engine of the Chromium Browser that allows for execution of arbitrary code.
References
  1. https://www.zerodayinitiative.com/advisories/ZDI-21-411/
CVE-2021-21206 Google Chromium Blink Use-After-Free Vulnerability exploitation_technique T1059.007 JavaScript
Comments
CVE-2021-21206 allows an adversary to use JavaScript to exploit the Blink rendering engine of the Chromium Browser that allows for execution of arbitrary code.
References
  1. https://www.zerodayinitiative.com/advisories/ZDI-21-411/