Levit Nudi

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 129.0.6668.58 Microsoft Edge (affected versions not specified) **Description** The issue is related to an inappropriate implementation in the Autofill feature, allowing a remote attacker to perform UI spoofing via a crafted HTML page. This could potentially lead to security breaches by tricking users into interacting with malicious interfaces. **Recommendations** For Google Chrome versions prior to 129.0.6668.58, update to version 129.0.6668.58 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome on Android versions prior to 117.0.5938.62 **Description** The issue is related to an inappropriate implementation in Custom Tabs, allowing a remote attacker to obfuscate a permission prompt via a crafted HTML page. This could potentially enable the attacker to bypass security restrictions. **Recommendations** For Google Chrome on Android versions prior to 117.0.5938.62, update to version 117.0.5938.62 or later to resolve the issue. As a temporary workaround, consider restricting the use of Custom Tabs until the update is applied.

**Name of the Vulnerable Software and Affected Versions** CONPROSYS HMI System (CHS) versions prior to 3.5.3 **Description** An issue exists due to improper access control, allowing a user of the PC where the affected product is installed to potentially gain administrative privileges. This could result in the user obtaining and/or altering product information. **Recommendations** For versions prior to 3.5.3, update to version 3.5.3 or later to resolve the issue.