Chrome V8 Type Confusion / New Sandbox Escape

Secure your products with top-tier expert knowledge and advanced Penetration Testing (CREST Approved)

Let's collaborate to build and maintain secure, trustworthy products

We transform threats into trust by integrating advanced tech and expertise in product security. Our approach encompasses Security by Design, rigorous security assurance and penetration testing, and compliance through expert documentation, from design to post-market. We offer CREST-approved pen testing in EMEA, upholding top security standards.

CREST Approved in EMEA

Proof of concept exploit for CVE-2023-3079 that leverages a type confusion in V8 in Google Chrome versions prior to 114.0.5735.110. This issue allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This variant of the exploit applies a new technique to escape the sandbox.   Exploit Files ≈ Packet Storm 

 

More To Explore

Elevating Teleco Security for the Digital Future

Elevating Teleco Security for the Digital Future In the digital era, the telecommunication sector is at the forefront, driven by groundbreaking advancements like 5G and