CVE-2023-5476: Use after free in Google Chrome
Use after free in Blink History in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
AI Analysis
Technical Summary
CVE-2023-5476 is a use-after-free vulnerability in the Blink History component of Google Chrome versions prior to 118.0.5993.70. It arises when the browser frees an object while a reference to it is still in use; a later access through that stale reference can corrupt the heap. An attacker can trigger the condition by crafting a malicious HTML page that a user visits, which can lead to arbitrary code execution in the context of the browser process. The vulnerability has a CVSS v3.1 score of 8.8, indicating high severity. The attack vector is network-based (AV:N), it requires no privileges (PR:N), but it does require user interaction (UI:R), such as visiting a malicious web page. The impact covers confidentiality, integrity, and availability (C:H/I:H/A:H), meaning an attacker could potentially steal sensitive information, alter data, or cause a denial of service. The vulnerability is categorized under CWE-416 (Use After Free), a common memory corruption issue. As of the published date, no exploits are known in the wild, but the high severity score and the nature of the flaw make it a critical risk if left unpatched. All Chrome installations prior to version 118.0.5993.70 are affected, and Chrome is widely used across desktop and mobile platforms globally.
Potential Impact
For European organizations, this vulnerability poses a significant risk due to the widespread use of Google Chrome as a primary web browser in both enterprise and consumer environments. Successful exploitation could lead to unauthorized access to sensitive corporate data, session hijacking, or deployment of malware within organizational networks. Given the high impact on confidentiality, integrity, and availability, attackers could leverage this vulnerability to conduct espionage, disrupt business operations, or propagate ransomware. The requirement for user interaction means phishing campaigns or malicious websites could be vectors for exploitation, increasing the risk in sectors with high web exposure such as finance, government, healthcare, and critical infrastructure. Additionally, the vulnerability could be used as a foothold for lateral movement within networks, exacerbating the potential damage. The absence of known exploits in the wild currently provides a window for proactive mitigation, but the high CVSS score underscores the urgency for patching.
Mitigation Recommendations
European organizations should prioritize updating Google Chrome to version 118.0.5993.70 or later immediately to remediate this vulnerability. Beyond patching, organizations should implement strict web filtering policies to block access to untrusted or suspicious websites, reducing the risk of user interaction with malicious content. Deploying endpoint detection and response (EDR) solutions can help identify anomalous browser behavior indicative of exploitation attempts. Security awareness training should emphasize the risks of clicking unknown links or visiting untrusted sites. Network segmentation can limit the impact of a compromised endpoint. Additionally, organizations should monitor threat intelligence feeds for any emerging exploit activity related to CVE-2023-5476 and be prepared to apply additional mitigations such as disabling JavaScript or using browser isolation technologies in high-risk environments. Regular vulnerability scanning and compliance checks should verify that all Chrome instances are up to date.
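As an added example (not part of the advisory), the following Python check is the kind of test a compliance scan could run to flag Chrome installations below 118.0.5993.70. The hostnames and inventory are constructed sample data; the comparison is done per numeric component because plain string comparison misorders versions (for example "99" sorts after "118").

```python
"""Added example: flag Chrome builds that predate the CVE-2023-5476 fix.

Chrome versions have four numeric components (MAJOR.MINOR.BUILD.PATCH).
Comparing them as strings is wrong ("99.0.4844.51" > "118.0.5993.70"
lexicographically), so each component is compared as an integer.
"""
from __future__ import annotations

FIXED_VERSION = "118.0.5993.70"  # first release carrying the fix, per the advisory


def parse_version(version: str) -> tuple[int, ...]:
    """Split a dotted Chrome version into an integer tuple; reject anything else."""
    parts = version.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a Chrome version string: {version!r}")
    return tuple(int(p) for p in parts)


def is_vulnerable(observed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the observed build is older than the fixed release."""
    return parse_version(observed) < parse_version(fixed)


def triage(inventory: dict[str, str]) -> dict[str, list[str]]:
    """Sort a hostname -> version inventory into needs_update / ok / unparseable."""
    result: dict[str, list[str]] = {"needs_update": [], "ok": [], "unparseable": []}
    for host, version in inventory.items():
        try:
            bucket = "needs_update" if is_vulnerable(version) else "ok"
        except ValueError:
            bucket = "unparseable"  # surface bad agent data instead of silently passing it
        result[bucket].append(host)
    return result


# Constructed sample inventory (hostnames and versions are made up for the example).
SAMPLE_INVENTORY = {
    "ws-0001": "117.0.5938.150",   # older major: needs update
    "ws-0002": "118.0.5993.70",    # exactly the fixed build: ok
    "ws-0003": "99.0.4844.51",     # string comparison would wrongly call this newer
    "ws-0004": "119.0.6045.105",   # later major: ok
    "ws-0005": "unknown",          # agent could not read the version
}

if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
```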
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Belgium, Sweden, Poland, Ireland
Technical Details
- Data Version: 5.1
- Assigner Short Name: Chrome
- Date Reserved: 2023-10-10T00:12:40.257Z
- CISA Enriched: true
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 682d9839c4522896dcbec7e2
Added to database: 5/21/2025, 9:09:13 AM
Last enriched: 7/2/2025, 1:26:28 AM
Last updated: 8/17/2025, 5:52:40 PM
Related Threats
- CVE-2025-3495: CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Delta Electronics COMMGR (Critical)
- CVE-2025-53948: CWE-415 Double Free in Santesoft Sante PACS Server (High)
- CVE-2025-52584: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt (High)
- CVE-2025-46269: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt (High)
- CVE-2025-54862: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Santesoft Sante PACS Server (Medium)