CVE-2026-11647

Google · Chrome

A use-after-free vulnerability exists in the Printing component of Google Chrome on Android, potentially allowing arbitrary code execution.

Executive summary

A high-severity use-after-free vulnerability in Google Chrome on Android poses a significant risk of arbitrary code execution if exploited by a malicious actor.

Vulnerability

This vulnerability is a use-after-free flaw in the browser's Printing functionality. Exploitation likely requires the user to interact with malicious content; the context implies that an unauthenticated remote attacker could trigger the memory corruption.

Business impact

The vulnerability carries a CVSS score of 8.3, classifying it as high severity. Successful exploitation could lead to unauthorized code execution, resulting in full system compromise, data theft, or the installation of persistent malware on mobile devices used within the corporate environment.

Remediation

Immediate Action: Update Google Chrome on all affected Android devices to version 149 or later.

Proactive Monitoring: Monitor device security logs for abnormal application crashes or unexpected browser behavior that may indicate exploitation attempts.

Compensating Controls: Ensure Google Play Protect is enabled and use mobile device management (MDM) solutions to enforce browser version compliance.
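
The version-compliance check from the remediation steps above, as an added example (not part of the advisory or any vendor tooling): it parses saved output of `adb shell dumpsys package com.android.chrome` and compares the active install's major version against 149. The sample outputs and their version strings are constructed; the script assumes that an updated device also lists its older factory copy under "Hidden system packages:", which a plain text search for the version would wrongly pick up.

```python
import re

FIXED_MAJOR = 149               # from the advisory: "version 149 or later"
PACKAGE = "com.android.chrome"  # stable-channel Chrome package on Android

# Constructed sample: an updated device also lists the older factory copy
# under "Hidden system packages:". Version strings here are made up.
SAMPLE_UPDATED = """\
Packages:
  Package [com.android.chrome] (a1b2c3):
    versionCode=1 minSdk=29 targetSdk=35
    versionName=149.0.0.0
Hidden system packages:
  Package [com.android.chrome] (d4e5f6):
    versionName=140.0.0.0
"""
# Constructed sample: a device still on the factory build.
SAMPLE_FACTORY = """\
Packages:
  Package [com.android.chrome] (d4e5f6):
    versionName=140.0.0.0
"""

def active_version(dumpsys_text, package=PACKAGE):
    """Return versionName of the active install, skipping the hidden copy."""
    in_packages = in_target = False
    for line in dumpsys_text.splitlines():
        stripped = line.strip()
        if stripped.endswith(":") and not line.startswith(" "):
            # Top-level section header such as "Packages:".
            in_packages, in_target = stripped == "Packages:", False
        elif in_packages and stripped.startswith("Package ["):
            in_target = stripped.startswith(f"Package [{package}]")
        elif in_target and stripped.startswith("versionName="):
            return stripped.split("=", 1)[1]
    return None

def compliance(dumpsys_text):
    """Classify a device as 'compliant', 'outdated' or 'unknown'."""
    match = re.match(r"(\d+)\.", active_version(dumpsys_text) or "")
    if not match:
        return "unknown"  # no Chrome entry or unparseable version: review
    return "compliant" if int(match.group(1)) >= FIXED_MAJOR else "outdated"

if __name__ == "__main__":
    for name, text in (("updated", SAMPLE_UPDATED), ("factory", SAMPLE_FACTORY)):
        print(name, active_version(text), compliance(text))
```

Devices reported as "unknown" have no parseable Chrome entry and should be reviewed by hand; they are not counted as compliant.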

Exploitation status

Public Exploit Available: false

Analyst recommendation

Given the severity of use-after-free vulnerabilities in browser engines, immediate patching is mandatory. Organizations should prioritize updating all mobile endpoints to mitigate the risk of remote code execution and potential data exfiltration.