PT-2021-7885 · Google+1 · Google Chrome+1
Khalil Zhani
·
Published
2021-11-15
·
Updated
2023-08-12
·
CVE-2021-4316
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Google Chrome versions prior to 96.0.4664.45
Description
The issue is related to the Cast UI interface in Google Chrome, where errors in information representation by the user interface can be exploited. This can allow a remote attacker to conduct spoofing attacks using a specially crafted HTML page. The estimated number of potentially affected devices and details about real-world incidents are not provided.
Recommendations
For versions prior to 96.0.4664.45, update to version 96.0.4664.45 or later to resolve the issue. As a temporary workaround, consider restricting access to the Cast UI interface until a patch is applied. Avoid using the Cast UI interface with untrusted HTML pages until the issue is resolved.
Exploit
Fix
UI Misrepresentation of Critical Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Google Chrome