CVE-2023-4762

Vulnerability updated 7 months ago (2024-05-04T17:17:43.650Z)
Download STIX
Preview STIX
CVE-2023-4762 is a software vulnerability, specifically a remote code execution flaw in the Chrome web browser. This vulnerability was identified by researchers from Google's Threat Analysis Group (TAG) in September 2023, around the same time Apple disclosed its own zero-day bugs. The vulnerability was found to be exploited as part of an exploit chain developed by a commercial software company named Intellexa. Intellexa was discovered to have been using this exploit chain, which included the Chrome zero-day CVE-2023-4762, to install a spying tool called Predator on Android devices. The delivery of Predator was achieved through two methods: the AitM injection and via one-time links sent directly to the target device. These activities were detected and reported by Google TAG, pointing out the abuse of the Chrome zero-day vulnerability. The exploitation of CVE-2023-4762 by Intellexa was not isolated to general Android devices but was specifically noted in Egypt. Google TAG identified Intellexa as a surveillance vendor, abusing the Chrome zero-day vulnerability to drop the Predator spying tool on targeted Android devices within the region. This revelation underscores the potential severity and global security implications of such software vulnerabilities.
Description last updated: 2024-05-04T17:16:19.631Z
What's your take? (Question 1 of 5)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Exploit
Chrome
Android
Google
Chromium
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Malware
To see the evidence that has resulted in these malware associations, create a free account
Alias DescriptionAssociation TypeVotes
The Predator Malware is associated with CVE-2023-4762. Predator is a highly invasive malware known for its extensive data-stealing and surveillance capabilities. The malicious software, developed by the Intellexa Consortium, a complex international network of decentralized companies, can infect systems through suspicious downloads, emails, or websites aUnspecified
2
Source Document References
Information about the CVE-2023-4762 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
CISA
10 months ago
DARKReading
10 months ago
CERT-EU
10 months ago
CERT-EU
a year ago
CERT-EU
a year ago
Securityaffairs
a year ago
Securelist
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
DARKReading
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago