The Indian Computer Emergency Response Team (CERT-In) on Friday warned users of vulnerabilities in Google Chrome and Siemens products, which could allow an attacker to execute arbitrary code on the targeted system.

The affected software in Google Chrome includes — Chrome versions prior to 125.0.6422.112/.113 for Windows and Mac and versions before 125.0.6422.112 for Linux.

The affected Siemens products include — Parasolid, SIMATIC RTLS, Simcenter Nastran, SIMATIC CN 4100, RUGGEDCOM, Solid Edge, Teamcenter Visualisation, JT2Go, CPC80, CPCI85, and six more.

Buy Me A Coffee

“A vulnerability has been reported in Google Chrome for Desktop which could be exploited by a remote attacker to execute arbitrary code on the targeted system,” said the CERT-In advisory.

The ‘Remote Code Execution’ vulnerability exists in Google Chrome for Desktop due to the ‘Type Confusion’ flaw in V8. An attacker could exploit this vulnerability by sending a specially crafted request.

Moreover, the cyber agency said that the multiple vulnerabilities reported in Siemens Products could allow an attacker to execute arbitrary code, escalate privileges or perform denial of service (DoS) conditions on the targeted system.

The agency suggested users apply appropriate security updates as mentioned by the companies.

READ
Chinese Hackers Breach Over 20,000 FortiGate Systems Worldwide in Extensive Cyber Espionage Campaign