Use after free in WebUSB in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code via a malicious peripheral. (Chromium security severity: Critical)
| Vendor | Product | Versions |
|---|---|---|
| chrome | 150.0.7871.47 |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| apple | macos | cve_cpe | 95% |
| chrome | cert_advisory | 90% |
Updated vendor to Microsoft and added that the exploit is now available in Microsoft Edge.
Updated affected versions to include 149.0.7827.201, changed severity to CRITICAL, and noted that the exploit is actively exploited.
Initial creation