Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2022-3075 | Google Chromium Mojo Insufficient Data Validation Vulnerability | exploitation_technique | T1204.001 | Malicious Link |
Comments
This data validation vulnerability is exploited by a remote attacker who compromised the renderer process via a crafted HTML page to potentially perform a sandbox escape.
Exploitation in the wild techniques have not been published by Google.
References
|