CVE-2026-6315
Google · Chrome for Android
A use-after-free vulnerability in the Permissions component of Google Chrome for Android may allow for arbitrary code execution.
Executive summary
A use-after-free vulnerability in Google Chrome for Android's Permissions component poses a high risk of unauthorized code execution.
Vulnerability
This is a use-after-free vulnerability affecting the Permissions handling logic in Chrome for Android. An unauthenticated attacker could trigger this flaw to execute arbitrary code by enticing a user to visit a malicious site.
Business impact
The ability to execute code on mobile devices through browser vulnerabilities can lead to the theft of sensitive personal or corporate data stored on the device. The vulnerability has a CVSS score of 8.8, and the potential for widespread impact on mobile endpoints is significant, necessitating urgent remediation.
Remediation
Immediate Action: Update the Google Chrome application on all Android devices to version 147 or later.
Proactive Monitoring: Review mobile device management (MDM) logs for indicators of compromised browser sessions or unauthorized application behavior.
Compensating Controls: Implement mobile threat defense (MTD) solutions to detect and block malicious web traffic and exploit patterns.
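One way to track the update step across a fleet, as an added example that is not part of the original advisory: the script below classifies devices from an app-inventory export by Chrome major version against the fixed version 147. The CSV column names, device IDs and version strings are constructed assumptions, not a real MDM schema; com.android.chrome is the package name of stable Chrome for Android.

```python
import csv
import io

CHROME_PACKAGE = "com.android.chrome"  # stable Chrome for Android package
FIXED_MAJOR = 147                       # fixed version stated in this advisory

# Constructed sample of an MDM app-inventory export. The column names and
# every row are assumptions for illustration only.
SAMPLE_INVENTORY = """device_id,package,version
dev-001,com.android.chrome,147.0.0.0
dev-002,com.android.chrome,146.0.0.0
dev-003,com.example.mail,5.2.0
dev-004,com.android.chrome,
dev-005,com.android.chrome,148.0.0.0
dev-006,com.android.chrome,unknown
"""


def chrome_major(version):
    """Return the major version as an int, or None if it cannot be parsed."""
    head = version.strip().split(".", 1)[0]
    return int(head) if head.isascii() and head.isdigit() else None


def classify_devices(inventory_csv, fixed_major=FIXED_MAJOR):
    """Map device_id -> 'patched', 'needs_update' or 'unknown' for Chrome rows.

    Empty or unparseable versions are reported as 'unknown' rather than being
    treated as patched, so they are followed up manually.
    """
    status = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if row.get("package") != CHROME_PACKAGE:
            continue  # ignore other applications in the inventory
        major = chrome_major(row.get("version") or "")
        if major is None:
            status[row["device_id"]] = "unknown"
        elif major < fixed_major:
            status[row["device_id"]] = "needs_update"
        else:
            status[row["device_id"]] = "patched"
    return status


if __name__ == "__main__":
    for device, state in sorted(classify_devices(SAMPLE_INVENTORY).items()):
        print(f"{device}: {state}")
```

Devices with no com.android.chrome row do not appear in the result, so compare the output against the full device list to find devices the inventory did not report on.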
Exploitation status
Public Exploit Available: false
Analyst recommendation
Mobile devices are frequently used for enterprise access, making this vulnerability a priority for IT and security teams. Ensure that all managed mobile devices are updated to the latest Chrome version to maintain a secure posture.