Home
Mapping Frameworks
Known Exploited Vulnerabilities Home
Google Chromium V8 Type Confusion Vulnerability

Known Exploited Vulnerabilities CVE-2024-5274 Mappings

Type Confusion in V8 in Google Chrome prior to 125.0.6422.112 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name	Notes
CVE-2024-5274	Google Chromium V8 Type Confusion Vulnerability	primary_impact	T1203	Exploitation for Client Execution	Comments This vulnerability is exploited by the hosting of malicious content on a website. Adversaries use this to deliver an information-stealing payload within Chrome. References https://blog.google/threat-analysis-group/state-backed-attackers-and-commercial-surveillance-vendors-repeatedly-use-the-same-exploits/
CVE-2024-5274	Google Chromium V8 Type Confusion Vulnerability	exploitation_technique	T1189	Drive-by Compromise	Comments This vulnerability is exploited by the hosting of malicious content on a website. Adversaries use this to deliver an information-stealing payload within Chrome. References https://blog.google/threat-analysis-group/state-backed-attackers-and-commercial-surveillance-vendors-repeatedly-use-the-same-exploits/