CVE-2026-8515
Google · Chrome
A use-after-free vulnerability in the HID (Human Interface Device) component of Google Chrome may allow arbitrary code execution.
Executive summary
A high-severity use-after-free vulnerability in Google Chrome’s HID component could lead to unauthorized system access.
Vulnerability
The vulnerability involves improper handling of memory in the browser's HID component. An unauthenticated attacker can trigger this flaw by enticing a user to visit a malicious website.
Business impact
The CVSS score of 8.3 reflects the high severity of this issue. If exploited, an attacker could gain control over the browser, potentially leading to the compromise of sensitive corporate assets or user credentials.
Remediation
Immediate Action: Update all Google Chrome instances to version 148 or later to address the memory management flaw.
Proactive Monitoring: Monitor browser-related crash logs and endpoint security telemetry for signs of exploitation.
Compensating Controls: Use browser-based security policies to restrict access to potentially untrusted or malicious hardware interfaces.
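Added example (not part of the original advisory and not vendor code): a Python triage of a fleet inventory against the update and compensating-control steps above. It assumes the HID component is reached through Chrome's WebHID API, so that the enterprise policy DefaultWebHidGuardSetting set to 2 (block) is the relevant control, which the advisory does not confirm; the record layout and the inventory data are constructed.

```python
import re

FIXED_MAJOR = 148   # advisory: "version 148 or later"
BLOCK_WEBHID = 2    # DefaultWebHidGuardSetting: 2 = no site may request HID devices
# Policies that reopen HID access for listed origins even when the default is "block".
REOPENING_POLICIES = (
    "WebHidAskForUrls",
    "WebHidAllowAllDevicesForUrls",
    "WebHidAllowDevicesForUrls",
    "WebHidAllowDevicesWithHidUsagesForUrls",
)

def chrome_major(version):
    """Major version from e.g. 'Google Chrome 147.0.1000.20'; None if unparseable."""
    m = re.search(r"(\d+)\.\d+\.\d+\.\d+", version or "")
    return int(m.group(1)) if m else None

def hid_restricted(policy):
    """True only if WebHID is blocked by default and no URL list re-grants it."""
    if policy.get("DefaultWebHidGuardSetting") != BLOCK_WEBHID:
        return False
    return not any(policy.get(name) for name in REOPENING_POLICIES)

def triage(record):
    """Classify one inventory record (assumed layout) against the remediation steps."""
    major = chrome_major(record.get("chrome_version"))
    if major is None:
        return "UNKNOWN_VERSION"         # cannot prove it is patched: review by hand
    if major >= FIXED_MAJOR:
        return "PATCHED"
    if hid_restricted(record.get("policy") or {}):
        return "VULNERABLE_MITIGATED"    # control in place, update still required
    return "VULNERABLE_EXPOSED"

def report(inventory):
    return {r["host"]: triage(r) for r in inventory}

# Constructed inventory: hostnames, build numbers and URLs are made up.
INVENTORY = [
    {"host": "ws-01", "chrome_version": "Google Chrome 148.0.1000.10", "policy": {}},
    {"host": "ws-02", "chrome_version": "147.0.1000.20",
     "policy": {"DefaultWebHidGuardSetting": 2}},
    {"host": "ws-03", "chrome_version": "147.0.1000.20",
     "policy": {"DefaultWebHidGuardSetting": 2,
                "WebHidAskForUrls": ["https://intranet.example"]}},
    {"host": "ws-04", "chrome_version": "146.0.1000.5", "policy": None},
    {"host": "ws-05", "chrome_version": "", "policy": {}},
]

if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host}: {status}")
```

A host reported as VULNERABLE_MITIGATED still needs the update; the policy only narrows exposure until it is applied.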
Exploitation status
Public Exploit Available: false
Analyst recommendation
All Chrome users should be moved to the latest version immediately. Rapid remediation is necessary to mitigate the risk of browser-based attacks targeting hardware interface components.