CVE-2024-9126

Google · Google Multiple Products

A high-severity memory corruption vulnerability has been identified in Google Chrome on iOS devices.

Executive summary

A high-severity memory corruption vulnerability has been identified in Google Chrome on iOS devices. The flaw is a use-after-free that could allow a remote attacker to execute arbitrary code or cause a crash by tricking a user into visiting a specially crafted webpage. Successful exploitation could lead to the compromise of the affected iPhone or iPad, potentially resulting in data theft or unauthorized access to sensitive information.

Vulnerability

The vulnerability is a Use-After-Free (UAF) condition within the "Internals" component of Google Chrome. A UAF flaw occurs when a program continues to use a pointer to a memory region after that region has been deallocated, or "freed," and may have been reassigned to something else. An attacker can exploit this by crafting a malicious webpage that triggers the specific memory-handling error. By controlling the contents of the freed region before the application reuses the stale pointer, the attacker can replace the data the program expects with attacker-controlled data, which can lead to arbitrary code execution within the security context of the Chrome browser.

Business impact

This vulnerability is rated as High severity with a CVSS score of 7.5. Exploitation could have a significant business impact, particularly in organizations with a mobile workforce or Bring-Your-Own-Device (BYOD) policies. If an employee using an unpatched version of Chrome on an iPhone or iPad visits a malicious website, their device could be compromised. This could lead to the theft of sensitive corporate data stored on the device, interception of communications, unauthorized access to internal networks, or the device being used as a pivot point for further attacks against the organization.

Remediation

Immediate Action: All instances of Google Chrome on corporate-managed and personal (BYOD) iOS devices must be updated to version 127 or later immediately. Use Mobile Device Management (MDM) solutions to enforce the update across the fleet. Concurrently, security teams should monitor for any signs of exploitation attempts by reviewing network logs for connections to suspicious domains and endpoint logs for anomalous browser behavior.

Proactive Monitoring: Implement enhanced monitoring for mobile devices. Look for unusual network traffic patterns originating from iPhones and iPads, particularly unexpected data exfiltration or communication with known command-and-control (C2) servers. Monitor for an increase in Chrome application crashes on iOS devices, as this can be an indicator of failed exploitation attempts.

Compensating Controls: If immediate patching is not feasible, consider the following controls:

  • Utilize web filtering and DNS protection services to block access to known malicious and uncategorized websites.
  • Enforce policies that restrict access to sensitive corporate resources from unpatched mobile devices.
  • Increase user awareness through a security advisory, warning employees to be cautious of unsolicited links in emails and messages.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Given the high severity (CVSS 7.5) and the widespread use of Google Chrome on iOS, this vulnerability presents a significant risk to the organization. The ease of exploitation, requiring only that a user visit a malicious webpage, increases the urgency for remediation. We strongly recommend prioritizing the immediate deployment of the security update for Google Chrome to version 127 or newer on all managed and BYOD iOS devices. Although this CVE is not currently on the CISA KEV list, its characteristics make it a prime candidate for future inclusion should it be exploited in the wild. Swift and comprehensive patching is the most effective defense.