CERT-In warns users of multiple vulnerabilities in Google Chrome and Zoho software -

The Indian Computer Emergency Response Team (CERT-In) has warned users of multiple vulnerabilities in Google Chrome which could allow a remote attacker to execute arbitrary code and denial-of-service (DoS) conditions on the targeted system.

These vulnerabilities exist in Google Chrome due to heap buffer overflow in web real-time communication (WebRTC), type confusion in V8 and use-after-free (UAF) in Chrome operating system Shell.

According to CERT-In, the vulnerability, CVE-2022-2294, is being exploited. To this end, it has advised users to urgently apply patches.

The cyber agency has also advised users against a remote code execution vulnerability that has been reported in a Zoho Corporation software which could be exploited by an unauthenticated remote attacker to execute arbitrary code on the targeted system. The vulnerability exists in Zoho ManageEngine ADAudit Plus due to a misconfigured extensible markup language (XML) parser that processes user-supplied input without sufficient validation.

To this end, CERT-In has advised users to upgrade to the latest Zoho ManageEngine ADAudit Plus security build update.

CERT-In warns users of multiple vulnerabilities in Google Chrome and Zoho software

Related Posts

India to consume semiconductors worth $80 billion to manufacture electronics worth $300 billion by 2026, says Rajeev Chandrasekhar

LTTS to divest Smart World unit to AMI Paradigm for Rs 4.52 billion

Bharti Airtel’s current ARPU is not sustainable, says Airtel’s Gopal Vittal

Spice Mobiles launches the Stellar 519 4G smartphone in India