CVE-2024-8909: Chromium: CVE-2024-8909 Inappropriate implementation in UI

CVE-2024-8908: Chromium: CVE-2024-8908 Inappropriate implementation in Autofill

CVE-2024-8907: Chromium: CVE-2024-8907 Insufficient data validation in Omnibox

CVE-2024-8906: Chromium: CVE-2024-8906 Incorrect security UI in Downloads

CVE-2024-8905: Chromium: CVE-2024-8905 Inappropriate implementation in V8

**According to the CVSS score, the attack vector is adjacent (AV:A). What does this mean for this vulnerability?**

This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network switch or virtual network.

Headline

CVE-2023-35641: Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

Microsoft Security Response Center: Latest News