1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Google Chromium Mojo Insufficient Data Validation Vulnerability

Known Exploited Vulnerabilities CVE-2022-3075

Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2022-3075 Google Chromium Mojo Insufficient Data Validation Vulnerability exploitation_technique T1204.001 Malicious Link
Comments
This data validation vulnerability is exploited by a remote attacker who compromised the renderer process via a crafted HTML page to potentially perform a sandbox escape. Exploitation in the wild techniques have not been published by Google.
References
  1. https://thehackernews.com/2022/09/google-release-urgent-chrome-update-to.html