CVE-2026-6920
Google · Chrome
An out-of-bounds read vulnerability in the Google Chrome GPU process on Android allows a remote attacker to achieve sandbox escape via a crafted HTML page.
Executive summary
A critical out-of-bounds read vulnerability in Google Chrome for Android enables remote attackers to escape the browser sandbox and potentially compromise the underlying device.
Vulnerability
This vulnerability involves an out-of-bounds read within the GPU process. An attacker who has already compromised the renderer process can leverage this flaw to escape the security sandbox via a malicious HTML page.
Business impact
Successful exploitation poses a severe risk to mobile device security, potentially leading to unauthorized access to user data and system-level compromise. Given the CVSS score of 9.6, the impact on integrity and confidentiality is extreme, warranting immediate attention to prevent full device takeover.
Remediation
Immediate Action: Update Google Chrome on all Android devices to version 147.0.7727.117 or later.
Proactive Monitoring: Monitor device traffic for anomalous HTML rendering patterns and review mobile endpoint logs for unexpected process crashes or unauthorized sandbox activity.
Compensating Controls: Use mobile device management (MDM) solutions to enforce browser update policies and restrict the execution of untrusted or unknown web content.
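To verify the update actually landed across a fleet, the following added example (not part of the original advisory or any vendor tooling) classifies devices from the text returned by `adb shell dumpsys package com.android.chrome`. The device labels and sample outputs are constructed; the only value taken from this page is the fixed version. Versions are compared numerically because a plain string comparison ranks 147.0.7727.99 above 147.0.7727.117.

```python
import re

FIXED = "147.0.7727.117"  # fixed version stated in this advisory

def parse_version(text):
    """Return a 4-tuple of ints, or None if text is not a dotted Chrome version."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)\.(\d+)", text.strip())
    return tuple(int(p) for p in m.groups()) if m else None

def active_version_name(dumpsys_output):
    """Return versionName of the active package; the factory copy that an
    updated system app lists under 'Hidden system packages:' is ignored."""
    for line in dumpsys_output.splitlines():
        stripped = line.strip()
        if stripped.startswith("Hidden system packages:"):
            break
        if stripped.startswith("versionName="):
            return stripped.split("=", 1)[1]
    return None

def classify(dumpsys_output, fixed=FIXED):
    """Return 'patched', 'vulnerable' or 'unknown' for one device."""
    name = active_version_name(dumpsys_output)
    version = parse_version(name) if name else None
    if version is None:
        return "unknown"  # needs manual review; never assume safe
    return "patched" if version >= parse_version(fixed) else "vulnerable"

# Constructed, trimmed sample outputs keyed by hypothetical device labels.
SAMPLES = {
    "dev-a": "Packages:\n  Package [com.android.chrome] (1a2b):\n    versionName=147.0.7727.117\n",
    "dev-b": "Packages:\n  Package [com.android.chrome] (3c4d):\n    versionName=147.0.7727.99\n"
             "Hidden system packages:\n  Package [com.android.chrome] (5e6f):\n"
             "    versionName=148.0.1.1\n",
    "dev-c": "Packages:\n  Package [com.android.chrome] (7a8b):\n    versionName=148.0.7800.5\n",
    "dev-d": "Unable to find package: com.android.chrome\n",
}

def report(samples=SAMPLES):
    return {dev: classify(out) for dev, out in samples.items()}

if __name__ == "__main__":
    for dev, status in report().items():
        print(f"{dev}: {status}")
```

Devices reported as `unknown` (Chrome missing, disabled, or output in an unexpected shape) should be followed up rather than counted as remediated.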
Exploitation status
Public Exploit Available: No
Analyst recommendation
The severity of this flaw cannot be overstated, as sandbox escapes are highly sought after by threat actors for persistent device compromise. IT administrators must prioritize the deployment of the latest Chrome update across all managed Android assets to mitigate this critical risk.